b'\x0cOIG Mission\n\n                   semiannual report to congress | october 1, 2011\xe2\x80\x93march 31, 2012\n\n\n\n\n     T\n            he mission of the Office of Inspector General (OIG) is to promote the integrity, efficiency,\n            and effectiveness of the critical programs and operations of the United States (U.S.) Secu\xc2\xad\n            rities and Exchange Commission (SEC or Commission). This mission is best achieved by\n     having an effective, vigorous, and independent office of seasoned and talented professionals who\n     perform the following functions:\n\n     \xe2\x80\xa2\t   Conducting\tindependent\tand\tobjective\t           \xe2\x80\xa2\t   Offering\texpert\tassistance\tto\timprove\t\n          audits, evaluations, investigations, and             SEC programs and operations;\n          other reviews of SEC programs and               \xe2\x80\xa2\t   Communicating\ttimely\tand\tuseful\t\n          operations;                                          information that facilitates management\n     \xe2\x80\xa2\t   Preventing\tand\tdetecting\tfraud,\twaste,\t              decision making and the achievement of\n          abuse, and mismanagement in SEC                      measurable gains; and\n          programs and operations;                        \xe2\x80\xa2\t   Keeping\tthe\tCommission\tand\tCongress\t\n     \xe2\x80\xa2\t   Identifying\tvulnerabilities\tin\tSEC\tsystems\t          fully and currently informed of significant\n          and operations and recommending con\xc2\xad                 issues and developments.\n          structive solutions;\n\n\n\n\n                                                        OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                |    i\n\x0c\x0ccontents\n\n\n\n\n    message from the acting inspector general . . . . . . . . . . . . . . . . . . . . . . . . 1\n\n\n    management and administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5\n    Agency Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5\n    OIG Staffing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5\n\n\n    congressional requests and briefings. . . . . . . . . . . . . . . . . . . . . . . . . . . . 7\n\n\n    advice and assistance provided to the agency . . . . . . . . . . . . . . . . . . . . . . . 9\n\n\n    coordination with other offices of inspector general . . . . . . . . . . . . . . . . 11\n\n\n    audits and evaluations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13\n    Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .   .   .   .   .   .   .   .   . 13\n        Audits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .   .   .   .   .   .   .   .   . 13\n        Evaluations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .    .   .   .   .   .   .   .   . 13\n        Audit Follow-Up and Resolution . . . . . . . . . . . . . . . . . . . . . .         .   .   .   .   .   .   .   . 14\n    Audits and Evaluations Conducted . . . . . . . . . . . . . . . . . . . . . . . .       .   .   .   .   .   .   .   . 14\n        Follow-Up Review of Cost-Benefit Analyses in Selected\n            SEC Dodd-Frank Act Rulemakings (Report No. 499) . . . . . . . . .              . . . . . . . . 14\n        SEC\xe2\x80\x99s Use of Justifications and Approvals in Sole-Source\n            Contracting (Report No. 507). . . . . . . . . . . . . . . . . . . . . .        . . . . . . . . 16\n        SEC\xe2\x80\x99s Controls Over Government Furnished Equipment and\n            Contractor Acquired Property (Report No. 503) . . . . . . . . . . . .          .   .   .   .   .   .   .   . 19\n        Assessment of SEC\xe2\x80\x99s System and Network Logs (Report No. 500) . . . . .             .   .   .   .   .   .   .   . 21\n        2011 Annual FISMA Executive Summary Report (Report No. 501) . . . .                .   .   .   .   .   .   .   . 22\n    Pending\tAudits\tand\tEvaluations . . . . . . . . . . . . . . . . . . . . . . . . .       .   .   .   .   .   .   .   . 24\n        Review of SEC\xe2\x80\x99s Continuity of Operations Plan . . . . . . . . . . . . . .          .   .   .   .   .   .   .   . 24\n        The SEC\xe2\x80\x99s Controls Over Sensitive and Proprietary Information Collected\n            and Exchanged With the Financial Stability Oversight Council . . . .           . . . . . . . . 25\n        Assessment of the SEC\xe2\x80\x99s Records Management Practices . . . . . . . . . .           . . . . . . . . 25\n        Assessment of the Operating Effectiveness of the Office of\n            International Affairs . . . . . . . . . . . . . . . . . . . . . . . . . .      . . . . . . . . 26\n        Assessment of the SEC\xe2\x80\x99s Hiring Practices for Senior-Level Positions . . . .        . . . . . . . . 26\n        Audit of the SEC\xe2\x80\x99s Tips, Complaints, and Referrals System . . . . . . . . .        . . . . . . . . 27\n\n\n\n\n                                                    OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                                     |   iii\n\x0cinvestigations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29\n\nOverview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .      . . . 29\n\nInvestigations and Inquiries Conducted . . . . . . . . . . . . . . . . . . . . . . . . . .        . . . 30\n\n    Destruction of Records and Related Incomplete Statements (Report No. OIG-567)                 . . . 30\n\n    Allegations of Violation of Conflict of Interest Statute by\n\n          Former Senior Enforcement Official (Report No. OIG-564) . . . . . . . . . .             . . . 32\n\n    Investigation of Alleged Ethics Violations, Misconduct, and\n\n          Time and Attendance Abuse at a Regional Office\n\n          (Report Nos. OIG-562 and PI 10-61) . . . . . . . . . . . . . . . . . . . . . .          . . . 33\n\n    Allegation of Favorable Treatment Provided by Regional Office to\n\n          Prominent Law Firm (Report No. OIG-536) . . . . . . . . . . . . . . . . . .             . . . 34\n\n    Misuse of Government Resources and Official Time at\n\n          Headquarters (Report No. OIG-570) . . . . . . . . . . . . . . . . . . . . . .           . . . 35\n\n    Allegation of Improper Personal Services Contract (Report No. OIG-569) . . . . .              . . . 36\n\n    Allegation of Procurement Violations (Report No. OIG-556) . . . . . . . . . . . .             . . . 37\n\n    Alleged Acceptance of Free or Discounted Legal Services\n\n          From a Prohibited Source (PI 11-25) . . . . . . . . . . . . . . . . . . . . . . .       . . . 37\n\n    Prohibited Personnel Practices in Hiring of Headquarters\n\n          Employee (PI 10-07) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .       . . . 38\n\n    Prohibited Personnel Practices in Hiring of Senior Officer (PI 10-43) . . . . . . . .         . . . 38\n\n    Violation of the Antideficiency Act Resulting from the Hiring of a\n\n          Non-U.S. Citizen (PI 11-45) . . . . . . . . . . . . . . . . . . . . . . . . . . .       . . . 39\n\n    Possible Violations of Ethical Standards and Conflict of Interest Statute (PI 11-26) .        . . . 40\n\n    Alleged Improper Award of Sole Source Contract (PI 11-39) . . . . . . . . . . . .             . . . 41\n\n    Alleged Failure to Pursue Insider Trading Investigation at\n\n          Headquarters (PI 11-10) . . . . . . . . . . . . . . . . . . . . . . . . . . . . .       . . . 41\n\n    Alleged Conflict of Interest, Improper Inducement and\n\n          Acceptance of a Gift, and Other Ethics Violations (PI 11-53) . . . . . . . . . .        . . . 42\n\nCivil\tSettlement\tand\tGuilty\tPlea\tArising\tOut\tof\tOIG\tInvestigations . . . . . . . . . . . .        . . . 43\n\n    Settlement with Department of Justice for Violation of Federal\n\n          Conflict of Interest Statute. . . . . . . . . . . . . . . . . . . . . . . . . . . . .   . . . 43\n\n    Guilty Plea to Felony Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .       . . . 43\n\nPending\tInvestigations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .     . . . 44\n\n\n\nreview of legislation and regulations . . . . . . . . . . . . . . . . . . . . . . . . . . . 45\n\n\n\n\n\niv   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cmanagement decisions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48\n\nStatus of Recommendations with No Management Decisions .            .   .   .   .   .   .   .   .   .   .   .   .   .   .   .   .   . 48\n\nRevised Management Decisions . . . . . . . . . . . . . . . .        .   .   .   .   .   .   .   .   .   .   .   .   .   .   .   .   . 48\n\nAgreement with Significant Management Decisions . . . . . .         .   .   .   .   .   .   .   .   .   .   .   .   .   .   .   .   . 48\n\nInstances Where Information was Refused . . . . . . . . . . .       .   .   .   .   .   .   .   .   .   .   .   .   .   .   .   .   . 48\n\n\n\ntables    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .           . . . . . . . . . . . . 49\n\nTable 1 List of Reports: Audits and Evaluations. . . . . . . . . . . . .                . . . . . . . . . . . . 49\n\nTable\t2\t\t Reports\tIssued\twith\tCosts\tQuestioned\tor\tFunds\tPut\tto\t\n              Better Use (Including Disallowed Costs) . . . . . . . . . .               . . . . . . . . . . . . 49\n\nTable 3 Reports with Recommendations on Which Corrective Action\n\n              Has Not Been Completed. . . . . . . . . . . . . . . . . .                 . . . . . . . . . . . . 50\n\nTable 4 Summary of Investigative Activity . . . . . . . . . . . . . . . .               . . . . . . . . . . . . 58\n\nTable 5 Summary of Complaint Activity. . . . . . . . . . . . . . . . .                  . . . . . . . . . . . . 59\n\nTable 6 References to Reporting Requirements of the\n\n              Inspector General Act . . . . . . . . . . . . . . . . . . . .             . . . . . . . . . . . . 60\n\n\n\nappendix a. peer reviews of oig operations          . . . . . . . . . . . . . . . . . . . . . . 61\n\nPeer\tReview\tof\tthe\tSEC\tOIG\xe2\x80\x99s\tAudit\tOperations\t . . . . . . . . . . . . . . . . . . . . . . . . 61\n\nPeer\tReview\tof\tthe\tSEC\tOIG\xe2\x80\x99s\tInvestigative\tOperations . . . . . . . . . . . . . . . . . . . . . 61\n\n\n\noig contact information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62\n\n\n\n\n\n                                                 OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                                                     |   v\n\x0c\x0cMessage from the Acting Inspector General\n\n\n\nI\n     am pleased to present this Semiannual Report to Congress as the Acting Inspector\n     General of the U.S. Securities and Exchange Commission (SEC or Commission).\n     This report describes the work performed by the SEC Office of Inspector General\n(OIG) for the period of October 1, 2011, through March 31, 2012. This report is\nrequired by the Inspector General Act of 1978, as amended.\n\nThe audits, reviews, and investigations described       expert examined the economic analyses performed\nin this report illustrate the commitment of the SEC     by the SEC in connection with five specific Dodd-\nOIG to promoting the efficiency and effectiveness       Frank Act rulemakings. Based upon our review, we\nof the SEC, as well as the impact the Office has had    identified several significant issues and made six\non SEC programs and operations.                         concrete recommendations to the agency, including\n                                                        a recommendation that the agency consider ways\nDuring this reporting period, our Office of Audits      for economists to provide additional input into cost-\nissued several reports on matters pertinent to agency   benefit analyses for SEC rulemakings to assist in\noperations.\tThese\tincluded\ta\treview\tof\tthe\tSEC\xe2\x80\x99s\t       including both quantitative and qualitative informa\xc2\xad\nsystems and network logs, and an audit of the           tion to the extent possible. Our recommendations\nmanagement of SEC-furnished and SEC-funded              included that the Office of the General Counsel\nproperty used by contractors.                           reconsider its guidance that the SEC should perform\n                                                        economic analyses for rulemaking activities to the\nFour of the five products issued by the Office of       extent that the SEC exercises discretion and should\nAudits during this period were authored with the        consider whether a pre-statute baseline should be\nassistance of outside contractors, whose work was       used whenever possible. We also recommended that\noverseen by our Office of Audits staff. These includ\xc2\xad   SEC rulemaking teams generally use a single, con\xc2\xad\ned a follow-up report to our June 13, 2011 review       sistent baseline in the cost-benefit analyses of their\nof\tthe\tSEC\xe2\x80\x99s\tcost-benefit\tanalyses\tundertaken\tin\t       rulemakings related to a particular topic.\nconnection with rulemakings required by the Dodd-\nFrank\tWall\tStreet\tReform\tand\tConsumer\tProtection\t       We were very pleased during this reporting period\nAct (Dodd-Frank Act). In this follow-up work, our       that in addition to our contractor-based reports,\n\n\n\n                                                        OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                   |   1\n\x0cthe Office of Audits issued a very important audit        ment (Enforcement) improperly destroyed records\nreport\ton\tthe\tSEC\xe2\x80\x99s\tuse\tof\tjustifications\tand\tapprov\xc2\xad     relating to matters under inquiry (MUI) over the\nals (J&A) in contracting. This audit was prompted,        past two decades and that the SEC made mislead\xc2\xad\nin part, by an investigation conducted by the OIG         ing statements in a response that was sent to the\nin a prior reporting period, in which a J&A was           National Archives and Records Administration\nallegedly used improperly to effectuate a sole-source     (NARA)\tconcerning\tthe\tSEC\xe2\x80\x99s\tpotential\tunauthor\xc2\xad\nleasing action. A sole-source acquisition is a con\xc2\xad       ized destruction of MUI records. This OIG investi\xc2\xad\ntract that is entered into or proposed to be entered      gation found that SEC Enforcement staff destroyed\ninto by an agency after soliciting and negotiating        documents related to closed MUIs that should have\nwith only one source or vendor and, with limited          been preserved as federal records. These documents\nexceptions, requires a J&A. Our audit identified          included anonymous correspondence and com\xc2\xad\ncertain issues arising out of a particular regional       plaints, correspondence from the SEC requesting\noffice\xe2\x80\x99s\tsole-source\tcontracting\tactions,\tand\twe\talso\t    documents from companies in the course of MUIs,\nfound that the agency may not be receiving the best       and correspondence which accompanied compa\xc2\xad\nvalue for its expert services contracts. While we did     nies\xe2\x80\x99\tdocument\tproduction\tresponses.\tNotwith\xc2\xad\nfind\tthat\tthe\tSEC\xe2\x80\x99s\tOffice\tof\tAcquisitions\xe2\x80\x99\t(OA)\thas\t     standing these instances of record destruction in\ntaken positive steps to increase competition in con\xc2\xad      connection with MUIs that were closed without\ntracting at the SEC resulting in significant increases    becoming investigations, the OIG did not learn of\nin the contract dollars the agency competed from          any particular investigation that was hampered by\nfiscal years 2009 to 2011, we noted that the current      the destruction of MUI records.\ninternal guidance for preparing J&As is potentially\nconfusing\tto\tOA\xe2\x80\x99s\tcontracting\tofficers\tand\tcontract\t      Also during this reporting period, the OIG con\xc2\xad\nspecialists who prepare J&As. Over the past few           ducted a comprehensive investigation after receiving\nyears, OA management has issued various guidance          23 anonymous complaints concerning a single SEC\nregarding J&A policy and procedures to its staff.         regional office. The allegations included claims of\nHowever,\tOA\xe2\x80\x99s\tcontracting\tofficers\tand\tcontract\t          general misconduct, time and attendance abuse,\nspecialists expressed confusion about the guidance        mistreatment, employment preselection, waste\nthey should use for processing J&As. A full descrip\xc2\xad      of travel resources, and improper disclosure of\ntion of our review is contained in the Audits and         confidential information. The OIG also considered\nEvaluations Conducted section of this report.             allegations regarding travel policy violations at the\n                                                          regional office. Together, these complaints alleged\nThere were also numerous investigations and inqui\xc2\xad        that 27 different regional office staff members\nries conducted by this Office during the reporting        engaged in various forms of misconduct. The OIG\nperiod. These included investigations of alleged          conducted a comprehensive and thorough investiga\xc2\xad\nprocurement violations and an alleged violation           tion and found that many of the complaints were\nof a federal conflict-of-interest statute by a former     unsubstantiated, while others had already been\nsenior official, and inquiries into prohibited hiring     addressed\tby\tmanagement.\tHowever,\tthe\tOIG\xe2\x80\x99s\t\npractices, allegations of a sole-source contract being    investigation found some areas of concern. The\nimproperly awarded, and allegations of an SEC             most significant area of concern identified during\nmanager\xe2\x80\x99s\tacceptance\tof\tfree\tor\tdiscounted\tlegal\tser\xc2\xad     the investigation was evidence that a senior attorney\nvices in violation of the standards of ethical conduct.   made oral or written comments of an inappropri\xc2\xad\n                                                          ate or sexual nature over the last 12 years despite\nThe OIG also completed an investigation into              having been disciplined for his improper behavior.\nallegations\tthat\tthe\tSEC\xe2\x80\x99s\tDivision\tof\tEnforce\xc2\xad           Furthermore, because we received numerous com\xc2\xad\n\n\n\n\n2   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cplaints regarding time and attendance matters, the         Finally, the departure in January 2012 of former\nOIG recommended that the regional office promptly          Inspector\tGeneral\tH.\tDavid\tKotz\twas\ta\tnotable\tloss\t\nimplement a previous OIG recommendation,                   for the OIG and the agency. I am extremely proud\ninitially made in February 22, 2010, that devices          of the professionalism and hard work that the OIG\nto capture building entry and exit information be          staff has exhibited while the Commission moves\ninstalled in the regional office. A detailed description   to fill this important vacancy. Additionally, I am\nof the investigations and inquiries conducted by the       appreciative of the support the Office has received\nOffice during this semiannual reporting period can         from numerous SEC staff members during this\nalso be found in this report.                              transitional period for the OIG.\n\n\n\n\n                                                                       Noelle L. Maloney\n                                                                       Acting Inspector General\n\n\n\n\n                                                           OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                 |   3\n\x0c\x0cManagement and Administration\n\nAGENCY OVERVIEW                                           Securities Rulemaking Board (MSRB), and the\n\n\n\nT\n         he\tSEC\xe2\x80\x99s\tmission\tis\tto\tprotect\tinvestors;\t       Securities\tInvestor\tProtection\tCorporation\t(SIPC).\t\n         maintain fair, orderly, and efficient markets;   While about 3,200 smaller investment advisers will\n         and facilitate capital formation. The SEC        transition to state regulation under the Dodd-Frank\nstrives to promote a market environment that is           Wall\tStreet\tReform\tand\tConsumer\tProtection\tAct\t\nworthy\tof\tthe\tpublic\xe2\x80\x99s\ttrust\tand\tcharacterized\tby\t        (Dodd-Frank Act), the SEC is gaining responsibil\xc2\xad\ntransparency\tand\tintegrity.\tThe\tSEC\xe2\x80\x99s\tcore\tvalues\t        ity for directly overseeing approximately 700 larger\nconsist of integrity, accountability, effectiveness,      private fund advisers, including hedge funds.\nteamwork, fairness, and commitment to excellence.\nThe\tSEC\xe2\x80\x99s\tgoals\tare\tto\tfoster\tand\tenforce\tcompli\xc2\xad         In order to accomplish its mission most effectively\nance with the federal securities laws; establish an       and efficiently, the SEC is organized into five main\neffective regulatory environment; facilitate access to    divisions (Corporation Finance; Enforcement;\nthe information investors need to make informed           Investment Management; Trading and Markets; and\ninvestment decisions; and enhance the Commis\xc2\xad             Risk, Strategy, and Financial Innovation) and 18\nsion\xe2\x80\x99s\tperformance\tthrough\teffective\talignment\tand\t       functional\toffices.\tThe\tCommission\xe2\x80\x99s\theadquarters\t\nmanagement of human resources, information, and           is in Washington, D.C., and there are 11 regional\nfinancial capital.                                        offices located throughout the country. As of Sep\xc2\xad\n                                                          tember 30, 2011, the SEC employed 3,844 full-time\nSEC staff monitor and regulate a securities industry      equivalents (FTEs), consisting of 3,806 permanent\ncomprising more than 35,000 registrants, including        and 38 temporary FTEs.\napproximately 10,000 public companies, 11,000\ninvestment advisers, about 7,500 mutual funds,\nand about 5,000 broker-dealers, as well as national       OIG STAFFING\nsecurities exchanges and self-regulatory organiza\xc2\xad        During the reporting period, the OIG welcomed two\ntions, 500 transfer agents, 15 national securities        audit managers and an assistant inspector general\nexchanges, nine clearing agencies, and 10 credit rat\xc2\xad     for investigations to the staff, thereby maintaining its\ning agencies. Additionally, the agency has oversight      capacity to conduct its oversight responsibilities.\nresponsibility\tfor\tthe\tPublic\tCompany\tAccounting\t\nOversight\tBoard\t(PCAOB),\tthe\tFinancial\tIndustry\t          In\tOctober\t2011,\tSteven\tKaffen\tjoined\tthe\tOIG\t\nRegulatory Authority (FINRA), the Municipal               as\tan\taudit\tmanager.\tMr.\tKaffen\tcame\tto\tthe\tOIG\t\n\n\n\n\n                                                           OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                     |   5\n\x0cfrom\tthe\tPeace\tCorps\tOIG,\twhere\the\tserved\tas\t            Deposit Insurance Corporation (FDIC), where he\nassistant inspector general for auditing and senior      served as a supervisory counsel and chief of enforce\xc2\xad\nauditor.\tDuring\this\teight\tyears\tat\tthe\tPeace\tCorps\t      ment and was responsible for overseeing banking\nOIG, he supervised headquarters and field audits         enforcement activities and investigations involving\nand personally conducted financial and administra\xc2\xad       state-chartered banks and bank failures. Before\ntive\taudits\tin\t34\tcountries.\tMr.\tKaffen\tbegan\this\t       joining\tthe\tFDIC,\tMr.\tWeber\tserved\tfor\tmore\tthan\t\ncareer with Arthur Young (now known as Ernst             a decade as the special counsel for enforcement at\n& Young), where he served as an audit manager in         the Office of the Comptroller of the Currency. Mr.\nNew York, New York, and as director of accounting        Weber also previously served as the law clerk to a\nand\tauditing\tin\tParis,\tFrance.\tMr.\tKaffen\twas\talso\t      U.S.\tdistrict\tjudge\tin\tNew\tYork\tand,\tin\tthat\tcapac\xc2\xad\ndirector of controls and procedures and a financial      ity, assisted with criminal and civil cases before\ncontroller for Levi Strauss & Co. In addition, he was    the United States Court of Appeals for the Second\nsupervisory committee chairman of Levi Strauss &         Circuit. Mr. Weber is admitted to practice law in\nCo.\xe2\x80\x99s\tfederal\tcredit\tunion.\tFurther,\tMr.\tKaffen\thas\t     the District of Columbia and New York and before\nconsulted for UNICEF, Deloitte, and 20th Century         several United States district courts and the United\nFox.\tHe\twas\ta\tPeace\tCorps\tvolunteer\tin\tRussia\tand\t       States\tSupreme\tCourt.\tHe\thas\ta\tbachelor\xe2\x80\x99s\tdegree\t\na United Nations elections monitor in Bosnia and         cum\tlaude\tin\tcriminal\tjustice\tfrom\tUtica\tCollege\tand\t\nEast\tTimor.\tMr.\tKaffen\thas\ta\tbachelor\xe2\x80\x99s\tdegree\tin\t       holds\ta\tjuris\tdoctor\tdegree\tmagna\tcum\tlaude\tfrom\t\naccounting from the University of Maryland and a         the Syracuse University College of Law. Mr. Weber\nmaster\xe2\x80\x99s\tof\tbusiness\tadministration\tdegree\twith\thon\xc2\xad     is a certified fraud examiner and a member of the\nors from Syracuse University. He is a certified public   Association of Certified Fraud Examiners.\naccountant and member of the American Institute of\nCertified\tPublic\tAccountants.                            During the semiannual reporting period, former\n                                                         Assistant Inspector General for Investigations\nIn\tNovember\t2011,\tShannon\tWilliams\tjoined\tthe\t           James David Fielder left the OIG for an opportu\xc2\xad\nOIG as an audit manager. Ms. Williams came to the        nity outside the Commission, and audit manager\nOIG from the Office of the Special Inspector General     Anthony Barnes accepted a position in another SEC\nfor\tthe\tTroubled\tAsset\tRelief\tProgram\t(SIGTARP),\t        Office.\tFinally,\ton\tJanuary\t27,\t2012,\tH.\tDavid\tKotz\t\nwhere\tshe\twas\tan\taudit\tdirector.\tAt\tSIGTARP,\tMs.\t        left the Office after serving as Inspector General\nWilliams oversaw audits related to financial institu\xc2\xad    since\tDecember\t2007.\tDuring\this\ttenure,\tMr.\tKotz\t\ntions support programs, asset support programs,          oversaw numerous high-profile investigations and\nand\tauto\tindustry\tsupport\tprograms.\tPrior\tto\tjoining\t    audits,\tnotably,\tthe\tOIG\xe2\x80\x99s\tinvestigation\tof\tthe\tfailure\t\nSIGTARP,\tMs.\tWilliams\twas\tan\taudit\tmanager\tat\t           of\tthe\tSEC\tto\tuncover\tthe\tBernard\tL.\tMadoff\tPonzi\t\nJ.P.\tMorgan,\tfocusing\ton\tthe\ttrading\toperations\tfor\t     scheme,\taudits\tof\tthe\tSEC\xe2\x80\x99s\toversight\tof\tBear\tStearns\t\nsecuritized products and rates within the investment     and related entities, and reviews of economic analy\xc2\xad\nbanking division. Ms. Williams is a certified public     ses undertaken by the Commission in connection\naccountant\tand\thas\ta\tbachelor\xe2\x80\x99s\tdegree\tin\taccount\xc2\xad       with Dodd-Frank Act rulemakings. Upon Inspector\ning from Rutgers School of Business.                     General\tKotz\xe2\x80\x99s\tdeparture,\tNoelle\tL.\tMaloney\twas\t\n                                                         named Acting Inspector General. Subsequently, on\nIn\tJanuary\t2012,\tDavid\tP.\tWeber\tjoined\tthe\tOIG\t          March 23, 2012, Jacqueline Wilson was named Act\xc2\xad\nas the Assistant Inspector General for Investiga\xc2\xad        ing Deputy Inspector General.\ntions. Mr. Weber came to the OIG from the Federal\n\n\n\n\n6   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cCongressional Requests and Briefings\n\n\n\nD\n         uring this semiannual reporting period, the     On March 29, 2011, the OIG provide a report to\n         OIG continued to keep Congress fully and        the U.S. Senate Committee on Homeland Security\n         currently\tinformed\tof\tthe\tOIG\xe2\x80\x99s\tinvestiga\xc2\xad      and Governmental Affairs, the U.S. House of Repre\xc2\xad\ntions, audits, and other activities through written      sentatives Committee on Oversight and Govern\xc2\xad\nreports, meetings, and by telephone.                     ment Reform, and the Office of Management and\n                                                         Budget\t(OMB)\ton\tthe\tSEC\xe2\x80\x99s\tcompliance\twith\tthe\t\nThe\tOIG\xe2\x80\x99s\tprevious\tsemiannual\treport\tto\tCon\xc2\xad             Improper\tPayments\tElimination\tand\tRecovery\tAct\t\ngress discussed a report issued on June 13, 2011,        of\t2010\t(IPERA)\tfor\tfiscal\tyear\t2011.\tIn\tits\treport,\t\nwhich\tcontained\tthe\tOIG\xe2\x80\x99s\tinitial\tassessment\tof\tthe\t     the\tOIG\tnoted\tthat,\tas\treflected\tin\tthe\tSEC\xe2\x80\x99s\tfiscal\t\nSEC\xe2\x80\x99s\tcost-benefit\tanalyses\trelated\tto\tsix\tspecific\t     year\t2011\tPerformance\tand\tAccountability\tReport\t\nrulemakings that had been identified in a May 4,         (PAR),\tthe\tSEC\thad\tconducted\ta\trisk\tassessment\t\n2011, letter from several members of the U.S. Sen\xc2\xad       and determined that none of its programs and\nate Committee on Banking, Housing and Urban              activities were susceptible to significant improper\nDevelopment (Senate Banking Committee). In the           payments at or above the threshold levels set by\nJune 13, 2011, report, the OIG stated that it would      OMB. The OIG report further noted that the\nissue\ta\tsubsequent\treport\ton\tthe\tresults\tof\tthe\tOIG\xe2\x80\x99s\t   SEC\xe2\x80\x99s\tfiscal\tyear\t2011\tPAR\tstated\tthat\tthe\tSEC\thad\t\nfurther\treview\tof\tthe\tSEC\xe2\x80\x99s\tcost-benefit\tanalyses.\t      determined that the implementation of a payment\nDuring this reporting period, the OIG completed its      recapture program for the SEC (which does not\nadditional review of the cost-benefit analyses per\xc2\xad      administer grant, benefit, or loan programs) was not\nformed by the SEC in connection with rulemakings         cost-effective, but that the SEC nonetheless strives to\nunder the Dodd-Frank Act and issued Report No.           recover any overpayments identified through other\n499, Follow-Up Review of Cost-Benefit Analyses in        sources.\tBased\tupon\tits\treview\tof\tthe\tSEC\xe2\x80\x99s\tIPERA\t\nSelected SEC Dodd-Frank Act Rulemakings. The             Risk Assessment Summary Report and supporting\nreport is discussed in detail in the Audits and          documentation, the OIG determined that the SEC\nEvaluations Conducted section of this report and         was\tin\tcompliance\twith\tIPERA.\nis available at http://www.sec-oig.gov/Reports/\nAuditsInspections/2012/Rpt%20499_                        Also during the reporting period, the OIG provided\nFollowUpReviewofD-F_CostBenefitAnalyses_                 briefings to, and had discussions with, Members of\n508.pdf.                                                 Congress and Congressional staff concerning the\n\n\n\n\n                                                          OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                   |   7\n\x0cwork of the OIG and issues impacting the SEC. For         During the reporting period, the OIG also received\nexample, on January 24, 2012, the then-Inspector          a Congressional request for investigative work\nGeneral and then-Deputy Inspector General met             and provided information to Congress concerning\nwith the Honorable Jo Ann Emerson (R-Missouri),           completed inquiries and investigations. In mid-\nChairwoman, Subcommittee on Financial Services            October 2011, the OIG received a request from\nand General Government, U.S. House of Represen\xc2\xad           staff of the Senate Banking Committee that the\ntatives Committee on Appropriations. The discus\xc2\xad          OIG, as well as the OIGs of other financial regula\xc2\xad\nsions during the meeting covered a variety of topics,     tory agencies, inquire into the leak of a draft rule to\nincluding disciplinary actions taken by the agency,       the public. The OIG commenced an inquiry into the\ngeneral accountability of the agency, and implemen\xc2\xad       leak, which was pending at the end of the reporting\ntation of consultant recommendations. On March            period. On December 20, 2011, the former Inspec\xc2\xad\n20, 2012, the Acting Inspector General and an OIG         tor General provided a letter to the Honorable\nstaff member briefed staff of the Senate Banking          Barney Frank (D-Massachusetts), Ranking Member,\nCommittee concerning the OIG SEC Employee Sug\xc2\xad            U.S. House of Representatives Committee on Finan\xc2\xad\ngestion\tProgram,\twhich\twas\testablished\tpursuant\t          cial Services, which summarized the work the OIG\nto section 966 of the Dodd-Frank Act. Specifically,       had performed during its inquiry into a complaint\nthe discussions focused on the number and type of         that had previously been forwarded to the Inspec\xc2\xad\nsuggestions received under the program, the charac\xc2\xad       tor General for review. On December 21, 2011, the\nteristics of the persons submitting suggestions (e.g.,    Inspector General provided the Honorable Charles\nsupport staff, senior staff), and publicizing the exis\xc2\xad   Grassley (R-Iowa), Ranking Member, U.S. Senate\ntence of the program. The Acting Inspector General        Committee on the Judiciary, and the Honorable\nand OIG staff member also briefed the committee           Tom Coburn (R-Oklahoma), Ranking Member,\nstaff concerning the first OIG SEC Employee Sug\xc2\xad          Permanent\tSubcommittee\ton\tInvestigations,\tU.S.\t\ngestion\tProgram\tawards\tceremony\theld\tin\tDecem\xc2\xad            Senate Committee on Homeland Security and\nber 2011, at which several SEC employees who had          Governmental Affairs, with a previously requested\nmade suggestions resulting in agency cost savings         biannual report on all closed investigations, evalua\xc2\xad\nwere honored.                                             tions, and audits conducted by the OIG.\n\n\n\n\n8   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cAdvice\tand\tAssistance\tProvided\tto\tthe\tAgency\n\n\nD\n         uring this semiannual reporting period,        a\tsuggestion\tto\tthe\tSEC\xe2\x80\x99s\tOffice\tof\tAcquisitions\tthat\t\n         the OIG provided advice and assistance         agency contract staff information be tracked on a\n         to SEC management on several issues            SharePoint\tspreadsheet\trather\tthan\tby\te-mail.\tFur\xc2\xad\nthat\twere\tbrought\tto\tthe\tOIG\xe2\x80\x99s\tattention\tthrough\t       ther, the Acting Inspector General and the Counsel\nvarious means. The OIG conveyed this advice and         to the Inspector General met with officials from the\nassistance through written communications and in        Office of Compliance Inspections and Examinations\nmeetings and conversations with Commission offi\xc2\xad        (OCIE) on two occasions to discuss several new\ncials. The advice and assistance included suggestions   initiatives that OCIE has recently undertaken and\nfor improvement in SEC programs and operations          implemented.\nreceived through the OIG SEC Employee Suggestion\nProgram,\twhich\twas\testablished\tpursuant\tto\tsection\t     Also during the reporting period, the OIG received\n966 of the Dodd-Frank Act.                              a suggestion through the OIG SEC Employee\n                                                        Suggestion\tProgram\tregarding\tfee-bearing\tfilings\t\nSpecifically, the Inspector General met with SEC        made\tthrough\tthe\tSEC\xe2\x80\x99s\tElectronic\tData\tGathering,\t\ncontractors responsible for reviewing the roles,        Analysis, and Retrieval (EDGAR) system and the\nresponsibilities, and workload of the various Com\xc2\xad      process by which EDGAR users request refunds of\nmission divisions and offices and provided detailed     excess filing fees paid. Currently, users must submit\ninformation\tconcerning\tthe\tOIG\xe2\x80\x99s\tfunctions,\tstaff\xc2\xad      refund requests by mail or facsimile, and it was sug\xc2\xad\ning, and workload. The Acting Inspector General         gested that an online refund request form or process\nand Counsel to the Inspector General also met with      be developed to make this process more efficient\ncontractors\tin\tconnection\twith\tthe\tSEC\xe2\x80\x99s\tannual\t        for both filers and Office of Financial Manage\xc2\xad\nentity-level assessment. Specific topics discussed      ment (OFM) staff. After reviewing and analyzing\nduring the meeting included ethics and compliance,      the suggestion received, the OIG forwarded it to\nrisk and prioritization of audits and investigations,   OFM staff, who responded favorably to the sugges\xc2\xad\ninternal policies and procedures, and maintenance       tion and submitted a request to make this change\nof\tthe\tOIG\tSEC\tEmployee\tSuggestion\tProgram.             effective in June 2012. The change is expected to\n                                                        result in increased efficiency and will provide an\nIn addition, OIG staff completed an agency hiring       additional layer of internal controls to the filing fee\nmanager recruitment outreach survey and provided        refund process.\n\n\n\n\n                                                         OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                    |   9\n\x0cAnother suggestion received during the reporting        alternate\tmethod\tof\tconfirming\tthe\temployee\xe2\x80\x99s\tiden\xc2\xad\nperiod through the OIG SEC Employee Suggestion          tity, which can lead to delays. The employee who\nProgram\tpertained\tto\tpotential\timprovements\tto\t         made the suggestion indicated that it would be more\nthe existing process followed at SEC Headquarters       efficient for the security personnel at the guard desk\nwhen an SEC employee has forgotten his or her           to have the ability to confirm employment without\nidentification badge and needs to obtain access to      having to check with the badge office. The OIG pro\xc2\xad\nSEC facilities. Under the current process, the guards   vided the suggestion to the Office of FOIA, Records\nlocated at the security desk at SEC Headquarters        Management, and Security, which informed the\nmain entrance call the SEC badge office to confirm      OIG that it is in the process of implementing\nthat the individual seeking admission is an SEC         changes to alleviate the inefficiencies involved in\nemployee or contractor. However, if an employee         verifying employment outside the operating hours\narrives in the morning before the badge office has      of the badge office.\nopened, the security guards are required to find an\n\n\n\n\n10   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cCoordination with Other Offices of\nInspector General\n\n\nD\n         uring this semiannual reporting period, the     Further, during the reporting period, the SEC OIG\n         SEC OIG coordinated its activities with         responded to numerous requests for information or\n         those of other OIGs, as required by section     surveys received from CIGIE or other OIGs. These\n4(a)(4) of the Inspector General Act of 1978, as         information requests and surveys related to, among\namended. Specifically, the SEC Inspector General or      other things, nonfederal employee whistleblower\na senior OIG staff member attended meetings of the       protections, common practices for conducting\nCouncil of the Inspectors General on Integrity and       vulnerability assessments and penetration testing,\nEfficiency (CIGIE).                                      practices regarding congressional communications,\n                                                         auditor position grades, numbers of criminal and\nIn addition, the SEC Inspector General was a mem\xc2\xad        noncriminal investigators, needs for training in tech\xc2\xad\nber\tof\tCIGIE\xe2\x80\x99s\tProfessional\tDevelopment\tCommit\xc2\xad          nical writing skills, and training of mission-support\ntee, the purpose of which is to provide educational      personnel.\nopportunities for members of the CIGIE community\nand to assist in ensuring the development of compe\xc2\xad      In addition, the SEC Inspector General participated\ntent personnel. During the reporting period, the SEC     in the activities of the Council of Inspectors General\nInspector General or a senior SEC OIG staff member       on Financial Oversight (CIGFO), which was created\nattended\tmeetings\tof\tthe\tProfessional\tDevelopment\t       by section 989E of the Dodd-Frank Act. CIGFO is\nCommittee.\tAs\tpart\tof\tits\tparticipation\tin\tthe\tProfes\xc2\xad   chaired by the Inspector General of the Department\nsional Development Committee activities, the SEC         of the Treasury and also includes the inspectors\nOIG provided substantial comments on draft revi\xc2\xad         general of the Board of Governors of the Federal\nsions to the Quality Standards for Federal Offices of    Reserve System, the Commodity Futures Trading\nInspector General (Silver Book). The Counsel to the      Commission, the Department of Housing and Urban\nInspector General also participated in the activities    Development, the Federal Deposit Insurance Cor\xc2\xad\nof the Council of Counsels to the Inspector General,     poration, the Federal Housing Finance Agency, the\nan informal organization of OIG attorneys through\xc2\xad       National Credit Union Administration, and the SEC\nout the federal government who meet monthly and          and the Special Inspector General for the Troubled\ncoordinate and share information.                        Asset\tRelief\tProgram.\tUnder\tthe\tDodd-Frank\tAct,\t\n\n\n\n\n                                                         OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                   |   11\n\x0cCIGFO is required to meet at least quarterly to          2012 Annual Report. This submission contained\nfacilitate the sharing of information, with a focus on   a discussion of recent examples of oversight work\nconcerns that may apply to the broader financial sec\xc2\xad    performed by the SEC OIG, including the June 13,\ntor and ways to improve financial oversight. CIGFO       2011,\treport\ton\tthe\tOIG\xe2\x80\x99s\treview\tof\teconomic\tanaly\xc2\xad\nis also required to submit an annual report to the       ses performed by the SEC in connection with Dodd-\nFinancial Stability Oversight Council and Congress.      Frank Act rulemakings; the January 27, 2012, report\nThe report must include a section that highlights the    on\tthe\tOIG\xe2\x80\x99s\tfollow-up\treview\tof\tthe\tcost-benefit\t\nconcerns and recommendations of each inspector           analyses performed in selected Dodd-Frank Act rule-\ngeneral who is a member of CIGFO and a summary           makings;\tand\tthe\tJune\t15,\t2011,\treport\ton\tthe\tSEC\xe2\x80\x99s\t\nof the general observations of CIGFO.                    establishment of an Office of Minority and Women\n                                                         Inclusion as required by the Dodd-Frank Act. The\nDuring this reporting period, the SEC Inspector Gen\xc2\xad     SEC\tOIG\xe2\x80\x99s\tsubmission\talso\tdiscussed\tplanned\tover\xc2\xad\neral attended a CIGFO meeting held on December 8,        sight\twork,\tincluding\tan\taudit\tof\tthe\tSEC\xe2\x80\x99s\tprocesses\t\n2011, and an SEC OIG staff member participated in        related to tips, complaints, and referrals received by\nCIGFO\xe2\x80\x99s\tconference\tcalls.\tIn\taddition,\tthe\tSEC\tOIG\t      the Commission and a study of the whistleblower\nprovided its submission for inclusion in the CIGFO       protections established by the Dodd-Frank Act.\n\n\n\n\n12   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cAudits and Evaluations\n\nOVERVIEW                                                 Audits\n\n\n\nT\n         he OIG is required by the Inspector General     Audits examine operations and financial transac\xc2\xad\n         Act of 1978, as amended, to conduct audits      tions to ensure that proper management practices\n         and evaluations of agency programs, opera\xc2\xad      are being followed and resources are adequately\ntions,\tand\tactivities.\tThe\tOIG\xe2\x80\x99s\tOffice\tof\tAudits\t       protected in accordance with governing laws and\nfocuses its efforts on conducting and supervising        regulations. Audits are systematic, independent,\nindependent audits and evaluations of the programs       and documented processes for obtaining evidence.\nand operations of the various SEC divisions and          In general, audits are conducted when firm criteria\noffices. The Office of Audits also hires independent     or data exist, sample data are measurable, and test\xc2\xad\ncontractors\tand\tsubject\tmatter\texperts\tto\tconduct\t       ing\tinternal\tcontrols\tis\ta\tmajor\tobjective.\tAuditors\t\nwork on its behalf. Specifically, the Office of Audits   collect and analyze data and verify agency records\nconducts audits and evaluations to determine             by obtaining supporting documentation, issuing\nwhether                                                  questionnaires, and through physical inspection.\n\n\xe2\x80\xa2\t   there\tis\tcompliance\twith\tgoverning\tlaws,\t           The\tOIG\xe2\x80\x99s\taudit\tactivities\tinclude\tperformance\t\n     regulations, and policies;                          audits of SEC programs and operations relating\n\xe2\x80\xa2\t   resources\tare\tsafeguarded\tand\tappropriately\t        to areas such as the oversight and examination of\n     managed;                                            regulated entities, the protection of investor inter\xc2\xad\n\xe2\x80\xa2\t   funds\tare\texpended\tproperly;                        ests, and the evaluation of administrative activities.\n\xe2\x80\xa2\t   desired\tprogram\tresults\tare\tachieved;\tand           The Office of Audits conducts its audits in accor\xc2\xad\n\xe2\x80\xa2\t   information\tprovided\tby\tthe\tagency\tto\tthe\t          dance with generally accepted government auditing\n     public and others is reliable.                      standards (Yellow Book) issued by the Comptroller\n                                                         General of the United States, OIG policy, and guid\xc2\xad\nEach year, the Office of Audits prepares an annual       ance issued by the Council of the Inspectors General\naudit plan. The plan includes work that is selected      on Integrity and Efficiency (CIGIE).\nfor audit or evaluation based on risk and materiality,\nknown or perceived vulnerabilities and inefficien\xc2\xad       Evaluations\ncies, resource availability, and complaints received     The Office of Audits also conducts evaluations of\nfrom Congress, internal SEC staff, the Government        SEC programs and activities. Evaluations consist\nAccountability Office (GAO), and the public.             of reviews that often cover broad areas and are\n\n\n\n\n                                                         OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                  |   13\n\x0ctypically designed to produce timely and useful           rulemakings, it gave the SEC varying degrees of dis\xc2\xad\ninformation associated with current or anticipated        cretion to determine the content of particular rules.\nproblems. Evaluations are generally conducted\nwhen\ta\tproject\xe2\x80\x99s\tobjectives\tare\tbased\ton\tspecialty\t       On May 4, 2011, the SEC OIG received a letter\nand highly technical areas, criteria or data are not      from several members of the U.S. Senate Committee\nfirm, or needed information must be reported in a         on Banking, Housing, and Urban Affairs request\xc2\xad\nshort period of time. Office of Audits evaluations        ing that the Inspector General review the economic\nare conducted in accordance with OIG policy, Yel\xc2\xad         analyses performed by the SEC in connection with\nlow Book nonaudit service standards, and guidance         six specific rulemaking initiatives undertaken pursu\xc2\xad\nissued by CIGIE.                                          ant to the Dodd-Frank Act.\n\nAudit Follow-Up and Resolution                            On June 13, 2011, the OIG released a report on the\nDuring this semiannual reporting period, SEC              results of its initial assessment of the cost-benefit\ndivisions and offices made significant efforts to         analyses conducted for these six rulemakings (the\nreduce the backlog of open recommendations while          phase I review). The OIG concluded that the SEC\nensuring that the most recent recommendations             had conducted a systematic cost-benefit analysis\nwere fully implemented. Based on the appropriate          for each of the six rules, but found that the level of\nevidence and documentation provided to the OIG            involvement of the Division of Risk, Strategy, and\nby management to support its implementation of            Financial Innovation (RiskFin) varied considerably\nOIG recommendations, the OIG closed 86 recom\xc2\xad             from rulemaking to rulemaking. In addition, the\nmendations related to 15 different Office of Audits       phase I review found a lack of macro-level analysis\nreports during this semiannual reporting period.          and a lack of quantitative analysis on the impact of\n                                                          the rules. In the report on phase I, the OIG stated its\n                                                          intention to further analyze these areas.\nAUDITS AND EVALUATIONS CONDUCTED\n                                                          The\tOIG\xe2\x80\x99s\tfollow-up,\tor\tphase\tII,\tanalysis\texam\xc2\xad\nFollow-Up Review of Cost-Benefit Analyses in              ined the economic analyses performed by the SEC\nSelected SEC Dodd-Frank Act Rulemakings                   in connection with five additional Dodd-Frank Act\n(Report No. 499)                                          rulemakings. For this phase II report, as for the\n                                                          phase I report, the OIG retained an expert, Albert\n                BACKGROUND                                S.\tKyle,\tto\tassist\twith\tthe\treview\tof\tSEC\tcost-benefit\t\nThe Dodd-Frank Wall Street Reform and Con\xc2\xad                analyses\tin\tDodd-Frank\tAct\trulemakings.\tProfes\xc2\xad\nsumer\tProtection\tAct\t(Dodd-Frank\tAct)\twas\tsigned\t         sor\tKyle\tis\tthe\tCharles\tE.\tSmith\tChair\tProfessor\tof\t\ninto law on July 21, 2010. The law reformed the           Finance\tat\tthe\tUniversity\tof\tMaryland\xe2\x80\x99s\tRobert\tH.\t\nfinancial regulatory system, including how financial      Smith School of Business.\nregulatory agencies operate. Among other things,\nthe Dodd-Frank Act required the SEC to undertake          The\toverall\tobjectives\tof\tthe\tphase\tII\treview\twere\tto:\na significant number of studies and rulemakings,\nincluding regulatory initiatives addressing deriva\xc2\xad       \xe2\x80\xa2\t   assess\twhether\tthe\tSEC\tis\tperforming\tcost-\ntives; asset securitization; credit rating agencies;           benefit analyses for rulemaking initiatives that\nhedge funds, private equity funds, and venture capi\xc2\xad           are statutorily required under the Dodd-Frank\ntal funds; municipal securities; clearing agencies; and        Act in a consistent manner across SEC divisions\ncorporate governance and executive compensation.               and offices and in compliance with applicable\nAlthough the Dodd-Frank Act mandated specific                  federal requirements and\n\n\n\n\n14   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0c\xe2\x80\xa2\t   determine\twhether\tproblematic\tareas\texist\t         costs and benefits of an alternative \xe2\x80\x9cnormally will\n     where rigorous cost-benefit analyses were not      be\ta\t\xe2\x80\x98no\taction\xe2\x80\x99\tbaseline.\xe2\x80\x9d\tTherefore,\tto\tthe\textent\t\n     performed for rulemaking initiatives and where     that the SEC performs cost-benefit analyses only for\n     improvements are needed and best practices         discretionary rulemaking activities, in the opinion\n     can be identified to enhance the overall method\xc2\xad   of\tProfessor\tKyle,\tthe\tSEC\tmay\tnot\tbe\tfulfilling\tthe\t\n     ology used to perform cost-benefit analyses.       essential purposes of such analyses\xe2\x80\x94providing a\n                                                        full picture of whether the benefits of a regulatory\n                    R E S U LT S                        action\tare\tlikely\tto\tjustify\tits\tcosts\tand\tdiscovering\t\nBased on its review of the cost-benefit analyses        which regulatory alternatives would be the most\nperformed for the rulemakings selected, the OIG         cost-effective.\nfound overall that SEC rulemaking teams consis\xc2\xad\ntently adhered to internal policies for preparing       The SEC sometimes used multiple baselines in its\ncost-benefit analyses and, as a result, the cost-       cost-benefit analyses that were ambiguous or inter\xc2\xad\nbenefit analyses followed a systematic process          nally\tinconsistent.\tFor\texample,\tin\tthe\tSEC\xe2\x80\x99s\tinterim\t\nfrom inception to completion. However, the OIG          final temporary rule for registration of municipal\nidentified the significant issues, summarized below,    advisors, portions of the cost-benefit analysis\nduring its review.                                      assumed as a baseline a minimal registration process\n                                                        that would allow municipal advisors to continue\nThe extent of quantitative discussion of cost-benefit   their usual activities with limited disruption. How\xc2\xad\nanalyses varied among rulemakings, and none of          ever, other parts of the cost-benefit analysis assumed\nthe rulemakings examined in the phase II review         that municipal advisors would be required to cease\nattempted to quantify either benefits or costs other    their advisory activities in the absence of a registra\xc2\xad\nthan information collection costs as required by the    tion process, resulting in a shutdown of the munici\xc2\xad\nPaperwork\tReduction\tAct.\tIn\taddition,\tProfessor\t        pal advisory market.\nKyle\topined\ton\tthe\tcrucial\trole\tthat\teconomists\tplay\t\nin ensuring that cost-benefit analyses incorporate      There was often considerable overlap between the\nboth qualitative and quantitative information.          cost-benefit analyses and efficiency, competition,\n                                                        and capital formation sections of the releases for\nIn its cost-benefit analyses for Dodd-Frank Act rule-   Dodd-Frank Act regulations, and we found that\nmakings, the SEC generally focused on discretionary     redundancy could be reduced by combining these\ncomponents\xe2\x80\x94portions of rulemakings in which the         two sections.\nCommission\tis\table\tto\texercise\tchoice.\tProfessor\t\nKyle\topined\tthat\tin\taddition\tto\tsatisfying\tstatutory\t   Some SEC Dodd-Frank Act rulemakings lacked\nrequirements, a cost-benefit analysis is intended to    clear,\texplicit\texplanations\tof\tthe\tjustification\tfor\t\ninform the public and other parts of government,        regulatory action. Specifically, some of the rulemak\xc2\xad\nincluding Congress, of the effects of alternative       ings that were premised on market failure alluded\nregulatory actions. While a September 2010 memo\xc2\xad        to market failure but did not explicitly cite it as a\nrandum from the former SEC General Counsel              justification\tor\tfully\tdiscuss\tit.\tOther\trulemakings\t\ntook the view that where the SEC has no discre\xc2\xad         included language that erroneously suggested a\ntion, there are no choices to explain, OMB Circular     market\tfailure\tjustification\tand\tcontained\tno\tcom\xc2\xad\nA-4, which provides guidance to executive agencies      pelling alternative rationale in support of the action.\non conducting cost-benefit analyses required by         OMB Circular A-4 identifies market failure as one\nExecutive Order 12866, specifies that the baseline      of\tseveral\tpossible\tjustifications\tfor\tfederal\tagency\t\nagencies should establish for use in defining the       regulation. In discussing this point, the circular\n\n\n\n\n                                                        OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                    |   15\n\x0cprovides that an agency must demonstrate that           (3)\t SEC rulemaking teams should generally use a\nproposed action is necessary before recommending             single, consistent baseline in the cost-benefit\nregulatory\taction,\tciting\tExecutive\tOrder\t12866\xe2\x80\x99s\t           analyses of their rulemakings related to a\nrequirement that agencies \xe2\x80\x9cpromulgate only such              particular topic. The baseline being used should\nregulations as are required by law, are necessary to         be specified at the beginning of the cost-ben\xc2\xad\ninterpret the law, or are made necessary by com\xc2\xad             efit analysis section. If multiple baselines are\npelling need, such as material failures of private           appropriate, such as for evaluating alterna\xc2\xad\nmarkets to protect or improve the health and safety          tive\tapproaches\tor\texplaining\tthe\tSEC\xe2\x80\x99s\tuse\tof\t\nof the public, the environment, or the well being            discretion, they should also be explained and\nof\tthe\tAmerican\tpeople.\xe2\x80\x9d\tAccording\tto\tProfessor\t             justified.\t\nKyle,\ta\tmore\tfocused\tdiscussion\tof\tmarket\tfailure\t\nin cost-benefit analyses would lay out the rationale    (4) SEC rulewriting divisions should consider\nfor regulation more clearly to Congress, the general        discontinuing the practice of drafting separate\npublic, and the SEC itself.                                 cost-benefit analysis and efficiency, competi\xc2\xad\n                                                            tion, and capital formation sections and instead\nAlthough\tsome\tof\tthe\tSEC\xe2\x80\x99s\tDodd-Frank\tAct\trule-             provide a more integrated discussion of these\nmakings may result in significant costs or benefits         issues in rule releases.\nto the Commission itself, internal costs and benefits\nwere rarely addressed in the cost-benefit analyses.     (5) The Commission should consider directing rule-\nAccording\tto\tProfessor\tKyle,\thowever,\tconsidering\t          making teams to (a) explicitly discuss market\ninternal administrative costs and benefits is consis\xc2\xad       failure\tas\ta\tjustification\tfor\tregulatory\taction\t\ntent with the purposes of a cost-benefit analysis and       in the cost-benefit analysis of each rule that is\nprovides a more complete picture of economic costs          based in whole or in part on perceived market\nand benefits associated with government regulation.         failure or (b) in the absence of market failure,\n                                                            demonstrate a compelling social purpose that\n          R E C O M M E N D AT I O N S                      justifies\tregulatory\taction.\nBased on the results of our review, the OIG issued\nits report on January 27, 2012, and made the fol\xc2\xad       (6) SEC rulemaking teams should consider includ\xc2\xad\nlowing recommendations:                                     ing internal costs and benefits in the cost-benefit\n                                                            analyses of rulemakings.\n(1) SEC rulewriting divisions and RiskFin should\n    consider ways for economists to provide addi\xc2\xad       Management ultimately concurred with all of the\n    tional input into cost-benefit analyses for SEC     report\xe2\x80\x99s\tsix\trecommendations.\tThis\treport\tis\tavail\xc2\xad\n    rulemakings to assist in including both quanti\xc2\xad     able\ton\tthe\tOIG\xe2\x80\x99s\twebsite\tat\thttp://www.sec-oig.\n    tative and qualitative information to the extent    gov/Reports/AuditsInspections/2012/499.pdf.\n    possible.\n\n(2) The Office of the General Counsel, in consulta\xc2\xad     SEC\xe2\x80\x99s Use of Justifications and Approvals in\n    tion with RiskFin, should reconsider its guid\xc2\xad      Sole-Source Contracting (Report No. 507)\n    ance that the SEC should perform economic\n    analyses for rulemaking activities to the extent                   BACKGROUND\n    that the SEC exercises discretion and should        In testimony on July 6, 2011, before the House\n    consider whether a pre-statute baseline should      Transportation and Infrastructure Committee,\n    be used whenever possible.                          Subcommittee\ton\tEconomic\tDevelopment,\tPublic\t\n\n\n\n\n16   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cBuildings and Emergency Management, the former             The SEC primarily uses three of these circumstances\nSEC Inspector General informed the subcommittee            as\tjustification\tfor\tother\tthan\tfull\tand\topen\tcompeti\xc2\xad\nthat\tthe\tOIG\twould\tconduct\tan\taudit\tof\tthe\tSEC\xe2\x80\x99s\t          tion: FAR \xc2\xa7 6.302-1, FAR \xc2\xa7 6.302-2, and FAR \xc2\xa7\nuse\tof\tjustifications\tand\tapprovals\t(J&A)\tin\tsole-         6.302-3 (specifically for expert services).\nsource\tcontracting.\tThe\tsubject\tof\tthe\thearing\twas\t\nthe\tOIG\xe2\x80\x99s\tinvestigation\tregarding\tthe\tSEC\xe2\x80\x99s\tlease\tfor\t     The\tSEC\xe2\x80\x99s\tOffice\tof\tAdministrative\tServices\t(OAS),\t\n900,000 square feet of office space at Constitution        Office of Acquisitions (OA) consists of a policy\nCenter, costing approximately $556.8 million over          branch and four contracting branches that are\n10\tyears.\tProminent\tin\tthe\tleasing\tinvestigation\twas\t      staffed with contracting officers and contracting\na J&A that was alleged to have been improperly             specialists. In addition, OAS has delegated senior\nused to support the sole-source contracting action         officials\tin\tthe\tSEC\xe2\x80\x99s\tregional\toffices\tthe\tauthority\t\nfor the Constitution Center lease. In addition, the        to enter into and modify contracts with vendors\nOIG\treceived\tcomplaints\tabout\tthe\tSEC\xe2\x80\x99s\tuse\tof\t            on\tbehalf\tof\tthe\tCommission\tsubject\tto\tcertain\t\nJ&As. As a result, the OIG conducted this audit            limitations. OA has taken positive steps to increase\nbased on improprieties found in the leasing investi\xc2\xad       competition in contracting at the SEC, as indicated\ngation and complaints alleging similar improprieties.      by significant increases in the contract dollars the\n                                                           Commission competed from fiscal years 2009 to\nA sole-source acquisition is a contract that an agency     2011.\nenters into, or proposes to enter into, after soliciting\nand negotiating with only one source (vendor). With        The\toverall\tobjective\tof\tthe\taudit\twas\tto\tassess\tthe\t\nlimited exceptions, a sole-source contract requires        SEC\xe2\x80\x99s\tuse\tof\tJ&As\tin\tcontracting.\tSpecific\taudit\t\na J&A. The Federal Acquisition Regulation (FAR)            objectives\twere\tto\tassess\tthe\tfollowing:\nsets forth the policies and procedures and identifies\nthe statutory authorities that must be applied when        \xe2\x80\xa2\t   OA\xe2\x80\x99s\tapproval\tprocesses\tand\tprocedures\tfor\t\ncontracts are not awarded under full and open com\xc2\xad              J&As, including the roles of contracting offi\xc2\xad\npetition. According to the FAR, agencies may engage             cials and legal counsel;\nin contracting without providing for full and open         \xe2\x80\xa2\t   whether\tapplicable\tfederal\tstatutes\tand\tregu\xc2\xad\ncompetition under the following circumstances:                  lations\tand\tOA\xe2\x80\x99s\tpolicies\tand\tprocedures\tare\t\n                                                                followed in preparing and approving J&As;\n\xe2\x80\xa2\t   Only\tone\tresponsible\tsource\tand\tno\tother\t             \xe2\x80\xa2\t   whether\tJ&As\tare\tappropriately\tused\tunder\t\n     supplies or services will satisfy agency require\xc2\xad          the circumstances presented; and\n     ments (FAR \xc2\xa7 6.302-1)                                 \xe2\x80\xa2\t   whether\tthe\tuse\tof\tJ&As\thas\timpacted\t\n\xe2\x80\xa2\t   Unusual\tand\tcompelling\turgency\t                            competition.\n     (FAR \xc2\xa7 6.302-2)\n\xe2\x80\xa2\t   Industrial\tmobilization;\tengineering,\tdevel\xc2\xad                              R E S U LT S\n     opmental, or research capability; or expert           The OIG reviewed a sample of 64 sole-source\n     services (FAR \xc2\xa7 6.302-3)                              contracts, with a total contract value of approxi\xc2\xad\n\xe2\x80\xa2\t   International\tagreement\t(FAR\t\xc2\xa7\t6.302-4)               mately $10 million, that the SEC awarded in fiscal\n\xe2\x80\xa2\t   Authorized\tor\trequired\tby\tstatute\t                    years 2009 to 2011. Five of the 64 sole-source\n     (FAR \xc2\xa7 6.302-5)                                       contracts, which were awarded by a regional office\n\xe2\x80\xa2\t   National\tsecurity\t(FAR\t\xc2\xa7\t6.302-6)                     director, did not have approved, written J&As,\n\xe2\x80\xa2\t   Public\tinterest\t(FAR\t\xc2\xa7\t6.302-7)                       as required by FAR \xc2\xa7\xc2\xa7 6.303 and 6.304. Further,\n                                                           the OIG found another 3 of the 64 contracts had\n\n\n\n\n                                                           OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                   |    17\n\x0cJ&As that were signed by the contracting officer          Finally,\tthe\tOIG\tfound\tthat\tOA\xe2\x80\x99s\tcurrent\tinternal\t\nafter the contract had been awarded. Finally, the         guidance for preparing J&As is potentially confus\xc2\xad\nOIG found that OA awarded a contract in 2010              ing to its contracting officers and contract specialists\nthat\trequired\tthe\tcompetition\tadvocate\xe2\x80\x99s\treview\t          who prepare J&As. Over the past few years, OA\nand approval, but did not have the competition            management has issued guidance regarding J&A\nadvocate\xe2\x80\x99s\tsignature.\t                                    policy and procedures to its staff. However, some\n                                                          of\tthis\tguidance\thas\tbeen\twithdrawn\tand\tOA\xe2\x80\x99s\tcon\xc2\xad\nDuring the audit, the OIG also found that a sole-         tracting officers and contract specialists indicated\nsource contract was awarded using the authority           confusion about the guidance they should use for\nfor\t\xe2\x80\x9cunusual\tand\tcompelling\turgency\xe2\x80\x9d\tthat\tdid\t            processing J&As.\nnot comply with FAR requirements. The circum\xc2\xad\nstances identified in the J&A supported the use of                  R E C O M M E N D AT I O N S\nthis authority; however, the contract exceeded the        Based on the results of its audit, the OIG issued its\nauthorized period of performance allowed under            report on March 28, 2012, and recommended the\nFAR \xc2\xa7 6.302-2. For sole-source contracts awarded          following:\nusing the unusual and compelling urgency author\xc2\xad\nity, the period of performance is limited to the time     (1) OA should review contracting operations at\nnecessary to perform the urgent work under the                the regional office where sole-source contracts\ncontract and the time the agency needs to enter into          were identified as having no J&As. OA should\nanother contract for the required goods and services          further provide training to staff involved in\nthrough the use of competitive procedures. This               the procurement process to ensure that they\ntime cannot exceed one year unless the head of the            are familiar with competition requirements\nagency determines that exceptional circumstances              in contracting, when sole-source contracting\napply.                                                        is appropriate, and how to properly prepare\n                                                              J&As.\nAdditionally, with respect to the sole-source\ncontracts that cited FAR \xc2\xa7 6.302-3 (for obtaining         (2) OA should establish procedures to regularly\nexpert services), the OIG found that most vendors             review a sample number of regional office con\xc2\xad\nreceived multiple contracts with the SEC, that the            tracts to ensure that their contracting practices\ntypical statements used in the expert witness J&As            comply with the FAR and Commission regula\xc2\xad\nrelated to removing barriers to competition lacked            tions and operating procedures.\nreal substance, and that any market research was\nlimited\tand\tinformal.\tThe\tSEC\xe2\x80\x99s\tselection\tof\texpert\t      (3) OA should review all open sole-source con\xc2\xad\nwitnesses is affected by variables such as witness            tracts awarded using FAR \xc2\xa7 6.302-2, Unusual\nexpertise, availability, willingness to testify for the       and Compelling Urgency, that are over the\nSEC,\tcourtroom\tdemeanor,\tand\tthe\ttrial\tattorney\xe2\x80\x99s\t            simplified acquisition threshold and ensure that\nconfidence in the expert witness. Further, the unpre\xc2\xad         each\tcontract\xe2\x80\x99s\tperiod\tof\tperformance\tdoes\tnot\t\ndictable timeline of a trial can result in an unex\xc2\xad           exceed\tone\tyear.\tIf\tany\tcontract\xe2\x80\x99s\tperiod\tof\tper\xc2\xad\npected and urgent need for an expert witness. These           formance exceeds one year, OA should modify\ncircumstances tend to limit the pool of potential             the period of performance or obtain required\nwitnesses for particular cases. As a result, the SEC          approval from the Chairman for exceptional\nmay not be receiving the best value available for all         circumstances.\nof its expert witness contracts.\n\n\n\n\n18   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0c(4) OA should conduct an assessment of the              Part\t45\tof\tthe\tFAR\tdefines\tgovernment-furnished\t\n    manner in which vendors are chosen as expert        property\t(GFP)\tas\tproperty\tin\tthe\tpossession\tof,\tor\t\n    witnesses using FAR \xc2\xa7 6.302-3 for sole-source       directly acquired by, the government and subse\xc2\xad\n    contracts and examine whether opportunities         quently furnished to a contractor for performance\n    exist to expand the vendor competition base.        of\ta\tcontract.\tIt\tdefines\tCAP\tas\tproperty\tacquired,\t\n                                                        fabricated, or otherwise provided by a contractor\n(5) OA should publish comprehensive policies            for performing a contract and to which the govern\xc2\xad\n    and procedures governing the J&A process at         ment\thas\ttitle.\tExamples\tof\tGFP\tinclude\tservers\tand\t\n    the Commission. This guidance should reflect        machinery the government provides to a contractor\n    a thorough analysis of the current process to       to\tuse\tat\tthe\tcontractor\xe2\x80\x99s\tfacility\tto\tfulfill\tcontract\t\n    determine if it includes sufficient controls to     requirements. For the purposes of Report No. 503,\n    ensure that J&As comply with federal statutes       GFE\tand\tCAP\twere\treferred\tto\tas\tGFP.\t\n    and regulations and are appropriately used\n    under the circumstances presented.                  When\tthe\tSEC\tissues\tGFP\tto\ta\tcontractor,\tthe\tcon-\n                                                        tractor is required to manage and account for it in\n(6) OA should communicate its policies and              accordance with the FAR and to have a system to\n    procedures governing the J&A process at the         manage it. The contractor should initiate and main\xc2\xad\n    Commission to contracting officers and contract     tain the processes, systems, procedures, records,\n    specialists and provide training as necessary. OA   and methodologies necessary for effective control of\n    should properly notify its staff when previously    GFP\tin\tits\tpossession.\t\n    issued OA guidance (policies and procedures)\n    and administrative regulations are revised,         The\toverall\tobjective\tof\tthe\taudit\twas\tto\tdetermine\t\n    superseded, or no longer available for use.         whether\tsufficient\tmanagement\tcontrols\tover\tGFP\t\n                                                        held by contractors were in place and operating\nManagement\tconcurred\twith\tall\tof\tthe\treport\xe2\x80\x99s\trec\xc2\xad      effectively.\tThe\tspecific\taudit\tobjectives\twere\tto\t\nommendations. The report is available on the OIG        determine whether\nwebsite at http://www.sec-oig.gov/Reports/Audits\xc2\xad\nInspections/2012/507.pdf.                               \xe2\x80\xa2\t   the\tSEC\thas\treliable\trecords\tto\tassess\twhich\t\n                                                             contractors\thave\treceived\tGFP\tand\tthe\tdollar\t\n                                                             value of the assets provided;\nSEC\xe2\x80\x99s Controls Over Government Furnished                \xe2\x80\xa2\t   contracting\tofficer\xe2\x80\x99s\trepresentatives\tor\tothers\t\nEquipment and Contractor Acquired Property                   responsible for administration of property are\n(Report No. 503)                                             properly trained and perform their required\n                                                             duties in accordance with SEC policy;\n               BACKGROUND                               \xe2\x80\xa2\t   contractors\tthat\twere\tprovided\tGFP\tby\tthe\tSEC\t\nThe SEC OIG contracted with Castro & Company,                have performed annual inventories of property\nLLC,\tto\tconduct\tan\taudit\tof\tthe\tSEC\xe2\x80\x99s\tgovernment-            in accordance with their contracts and the FAR;\nfurnished equipment (GFE) and contractor-acquired       \xe2\x80\xa2\t   SEC\tcontractors\tthat\twere\tprovided\tGFP\tby\tthe\t\nproperty\t(CAP)\tand\tto\tidentify\tpotential\tareas\tfor\t          SEC have adequate policies and procedures for\nimprovement. The scope of the audit primarily                management and disposal of property, includ\xc2\xad\ncovered OAS, the Office of Information Technology            ing sanitization and disposal of information\n(OIT), and OFM.                                              technology property such as media, magnetic\n                                                             tapes, removable media, and hard drives,\n                                                             which can contain sensitive data; and\n\n\n\n\n                                                        OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                    |   19\n\x0c\xe2\x80\xa2\t   assets\theld\tby\tcontractors\tare\tproperly\t            (2) OIT should revise its policy to specify how\n     accounted\tfor\tand\treported\tin\tthe\tSEC\xe2\x80\x99s\t                often the office will conduct wall-to-wall\n     financial statements.                                   inventories\tof\tthe\tSEC\xe2\x80\x99s\tinformation\ttechnology\t\n                                                             equipment and how frequently the Configura\xc2\xad\n                    R E S U LT S                             tion Management Database (CMDB) should be\nCastro and Company, LLC, made the following                  updated.\nfindings during its audit:\n                                                         (3)\t OIT should coordinate with the contract\xc2\xad\n\xe2\x80\xa2\t   OAS\tand\tOIT\tcould\tnot\tidentify\tthe\tuniverse\t             ing\tofficer\xe2\x80\x99s\trepresentative\tor\tother\tproperty\t\n     of property issued to contractors that was               accountability officer, as designated in the con\xc2\xad\n     designated\tas\tGFP,\tand\tthey\thave\tnot\tclearly\t            tract, to ensure that government-issued prop\xc2\xad\n     defined\tproperty\tthat\tis\tconsidered\tGFP.\tAs\t             erty items are properly returned to OIT and the\n     a consequence, there is an increased risk that           items are promptly removed from the CMDB\n     the SEC is not complying with the FAR, and               when the contractor is no longer using them or\n     property that is lost, stolen, or misused may not        when the contract is no longer active.\n     be detected.                                        (4) OIT should develop and implement proce\xc2\xad\n\xe2\x80\xa2\t   The\tdatabase\tused\tto\ttrack\tand\tmonitor\tinfor\xc2\xad            dures for monitoring information technol\xc2\xad\n     mation technology equipment is not reliable              ogy equipment at the regional offices that are\n     because its controls are insufficient and do not         communicated to appropriate personnel. These\n     ensure that the information in the database is           procedures\tshould\taddress\tthe\tregional\toffices\xe2\x80\x99\t\n     accurate and complete.                                   roles in monitoring information technology\n\xe2\x80\xa2\t   OIT\thas\tnot\tcompleted\ta\ttimely\tinventory\tof\t             equipment issued to contractors, including their\n     the\tSEC\xe2\x80\x99s\tinformation\ttechnology\tequipment\t              responsibilities when a contractor employee\n     and lacks up-to-date information technology              exits a contract or when the equipment is\n     equipment policies and procedures.                       moved to a new location.\n\xe2\x80\xa2\t   Contracting\tofficers,\tcontract\tspecialists,\tand\t\n     contracting\tofficer\xe2\x80\x99s\trepresentatives\tare\tnot\t      (5) OIT should revise its policies and procedures\n     properly\ttrained\tregarding\ttheir\tGFP\t                   to establish clear accountability within the\n     responsibilities.                                       Asset Management Branch that is associ\xc2\xad\n                                                             ated with properly tracking and monitoring\n          R E C O M M E N D AT I O N S                       information technology equipment, includ\xc2\xad\nBased on the results of the audit, the OIG issued its        ing documenting the issuance and receipt of\nreport on March 28, 2012, and made the following             information technology equipment to specific\nrecommendations:                                             Commission contractors.\n\n(1)\t OAS,\tin\tconjunction\twith\tOIT,\tshould\trevise\t        (6) When OIT completes the 2012 wall-to-wall\n     SECR\t9-3,\tReport\tof\tSurvey\tProgram,\tand\t                inventory of information technology equip\xc2\xad\n     SECR\t9-2,\tProperty\tManagement\tProgram,\t                 ment, it should use this information to establish\n     and clearly define property that is designated as       a baseline of the equipment in the CMDB.\n     GFP.\tOAS\tand\tOIT\tshould\tfurther\tidentify\tin\t\n     SECR 9-3 and 9-2 the particular circumstances       (7)\t OAS,\tin\tconjunction\twith\tOIT,\tshould\tdevelop\t\n     that\tare\tneeded\tto\tmeet\tthe\tGFP\trequirements\t            periodic training for contracting officers, con\xc2\xad\n     in\taccordance\twith\tPart\t45\tof\tthe\tFAR.                   tract\tspecialists,\tand\tcontracting\tofficer\xe2\x80\x99s\trep\xc2\xad\n                                                              resentatives that clearly defines and addresses\n\n\n\n\n20   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0c    their\tresponsibilities\trelated\tto\tGFP\tconsistent\t    audit logs, and the OIG documented the results of\n    with\tPart\t45\tof\tthe\tFAR,\tGovernment\tProperty,\t       the assessment in Report No. 497, Assessment of\n    and\tSECR\t9-2,\tProperty\tManagement\tProgram.           SEC\xe2\x80\x99s\tContinuous\tMonitoring\tProgram.\tDuring\tits\t\n                                                         assessment, C5i was unable to verify whether all log\n(8) OAS should ensure that when the Commis\xc2\xad              settings and user activities were being captured for\n    sion\tissues\tGFP\tto\tcontractors,\tthe\tcontracting\t     all servers. As a result, in May 2011, the OIG modi\xc2\xad\n    officer (and where appropriate the contract          fied its contract with C5i to include an assessment\n    specialist) includes language in the contract that   designed to determine whether audit log data were\n    specifies                                            being captured consistent with the requirements of\n                                                         the Federal Information Security Management Act\n    \xe2\x80\xa2\t   the\tname\tof\tthe\tequipment;                      of\t2002\t(FISMA),\tFederal\tInformation\tProcessing\t\n    \xe2\x80\xa2\t   what\tequipment\twill\tbe\tretained,\tdisposed\t      Standards\t(FIPS)\tand\tNational\tInstitute\tof\tStan\xc2\xad\n         of, or returned to the government;              dards and Technology (NIST) guidelines.\n    \xe2\x80\xa2\t   when\tthe\tequipment\twill\tbe\tdisposed\tof\tor\t\n         returned to the government; and                 The\toverall\tobjective\tof\tthe\treview\twas\tto\tindepen\xc2\xad\n    \xe2\x80\xa2\t   who\tcan\taccept\tthe\treturned\tequipment.          dently evaluate and report on how the Commission\n                                                         has implemented information security requirements\n(9)\t OIT\tshould\tissue\tGFP\tto\tcontractors\tonly\tafter\t     for audit log management, including the genera\xc2\xad\n     it\tobtains\tproof\tthat\tthe\tvendor\xe2\x80\x99s\tcontract\thas\t    tion, review, protection, and retention of audit logs.\n     language authorizing the contractor to receive      An\tadditional\tobjective\twas\tto\treview\tsystem\tand\t\n     the equipment.                                      network logs in the SEC enterprise network, access\n                                                         controls to logs, controls over log management and\nManagement\tconcurred\twith\tall\tof\tthe\treport\xe2\x80\x99s\trec\xc2\xad       analysis, data log collection, and log storage.\nommendations. The report is available on the OIG\nwebsite at http://www.sec-oig.gov/Reports/Audits\xc2\xad                            R E S U LT S\nInspections/2012/503.pdf.                                During the assessment, C5i found the following:\n                                                         (1) some servers were not logging auditable events;\n                                                         (2)\tOIT\xe2\x80\x99s\tpolicies\tand\tprocedures\tfor\taudit\tlog\t\nAssessment of SEC\xe2\x80\x99s System and Network                   capture and management were outdated and did\nLogs (Report No. 500)                                    not clearly define required components such as roles\n                                                         and responsibilities; (3) servers identified as decom\xc2\xad\n               BACKGROUND                                missioned\twere\tstill\tactively\tconnected\tto\tthe\tSEC\xe2\x80\x99s\t\nIn August 2010, the SEC OIG contracted with C5i          enterprise networks and still accessible, and at least\nFederal, Inc. (C5i), to assist with the completion       one of the decommissioned servers was not logging\nand\tcoordination\tof\tthe\tOIG\xe2\x80\x99s\tinput\tto\tthe\tCom\xc2\xad          auditable events; (4) logs were not generated con\xc2\xad\nmission\xe2\x80\x99s\tresponse\tto\tOMB\tMemorandum\t10-15,\t             sistently for application databases because the audit\nFY 2010 Reporting Instructions for the Federal           trail functionality built into the database was not\nInformation Security Management Act and Agency           always\tavailable,\tresulting\tin\tOIT\xe2\x80\x99s\tinability\tto\tcap\xc2\xad\nPrivacy\tManagement.\tThe\tresponse\twas\tsubmitted\t          ture\tlogs\tfor\tall\tauditable\tevents;\tand\t(5)\tOIT\xe2\x80\x99s\tServ\xc2\xad\nto OMB in November 2010 and reported on by               ers\tand\tStorage\tBranch\tand\tOIT\xe2\x80\x99s\tSecurity\tBranch\t\nthe OIG in Report No. 489, 2010 Annual FISMA             did not have an alerting mechanism to notify appro\xc2\xad\nExecutive Summary Report. As part of its work,           priate personnel when some servers were full or had\nC5i\tassessed\tand\treviewed\tthe\tSEC\xe2\x80\x99s\tcontinuous\t          stopped performing logging functions.\nmonitoring of information technology operations\n\n\n\n\n                                                         OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                   |   21\n\x0c           R E C O M M E N D AT I O N S                   (6) OIT should conduct a review of application\nOn March 16, 2012, the OIG issued its report con\xc2\xad             database log management and generation\ntaining the following eight recommendations:                  procedures to ensure that audit events are being\n                                                              captured and retained, consistent with OIT\n(1) OIT should identify capacity requirements                 policies and procedures and NIST guidelines.\n    for all servers, ensure that sufficient capacity\n    is available for the storage of audit records,        (7) OIT should implement a mechanism to notify\n    configure auditing to reduce the likelihood that          OIT\xe2\x80\x99s\tServer\tand\tStorage\tBranch\tor\tOIT\xe2\x80\x99s\t\n    capacity will be exceeded, and implement an               Security Branch when servers stop performing\n    alerting mechanism to alert and notify appro\xc2\xad             certain necessary functions.\n    priate office/divisions when log storage capacity\n    is reached.                                           (8) OIT should implement its plan to develop a\n                                                              computer script that determines whether servers\n(2) When updating its policies and procedures, OIT            are producing certain necessary logs.\n    should include log management language that\n                                                          Management\tconcurred\twith\tall\tof\tthe\treport\xe2\x80\x99s\trec\xc2\xad\n     \xe2\x80\xa2\t   identifies\tthe\troles\tand\tresponsibilities\tof\t   ommendations. The report is available on the OIG\n          staff who are involved in log management,       website at http://www.sec-oig.gov/Reports/Audits\xc2\xad\n     \xe2\x80\xa2\t   requires\tserver\tlogs\tto\tbe\tperiodically\t        Inspections/2012/500.pdf.\n          reviewed to check whether log capacity has\n          been exceeded, and\n     \xe2\x80\xa2\t   requires\tappropriate\tOIT\tofficials\tto\tbe\t       2011 Annual FISMA Executive Summary\n          notified when audit logging functions are       Report (Report No. 501)\n          suspended when log storage capacity has\n          reached its limit.                                             BACKGROUND\n                                                          FISMA provides the framework for securing the\n(3) OIT should review and update all logging poli\xc2\xad        federal\tgovernment\xe2\x80\x99s\tinformation\ttechnology.\t\n    cies\tand\tprocedures\tconsistent\twith\tthe\tpolicy\xe2\x80\x99s\t     FISMA emphasizes the need for organizations to\n    review interval requirements and retain evidence      develop, document, and implement an organiza\xc2\xad\n    of its reviews and any updates to the policy.         tion-wide program to provide security for the infor\xc2\xad\n                                                          mation systems that support their operations and\n(4) OIT should ensure that all servers connected          assets. All agencies must implement the require\xc2\xad\n    to\tthe\tCommission\xe2\x80\x99s\tenterprise\tnetwork\tare\t           ments of FISMA and report annually to OMB,\n    configured to have logging enabled.                   using OMB-issued reporting instructions, on the\n                                                          effectiveness of their information security and pri\xc2\xad\n(5) OIT should update Server Decommission                 vacy programs. OMB uses the information to help\n    Guidelines and include language to fully docu\xc2\xad        evaluate agency-specific and governmentwide infor\xc2\xad\n    ment each action that should be performed             mation security and privacy program performance,\n    when decommissioning a server. OIT should             develop its annual security report to Congress, help\n    also develop a server decommissioning check\xc2\xad          improve and maintain adequate agency perfor\xc2\xad\n    list to be included in the Server Decommission        mance, and develop the E-Government Scorecard\n    Guidelines.                                           under\tthe\tPresident\xe2\x80\x99s\tManagement\tAgenda.\n\n\n\n\n22   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cIn June 2011, the OIG contracted with Networking        had not formally defined a tailored set of baseline\nInstitute of Technology, Inc. (NIT), to assist with     security controls and had not tailored control sets for\nthe\tOIG\xe2\x80\x99s\tresponse\tto\tOMB\tMemorandum\t11-33,\t            specific systems; (4) OIT had not conducted con\xc2\xad\nFY 2011 Reporting Instructions for the Federal          figuration compliance scans and lacked a process for\nInformation Security Management Act and Agency          addressing compliance scan results in a timely man\xc2\xad\nPrivacy\tManagement\tAct,\twhich\tprovided\tinstruc\xc2\xad         ner; and (5) OIT had not implemented the technical\ntions for meeting fiscal year 2011 FISMA reporting      solution\tfor\tlinking\tPersonal\tIdentity\tVerification\t\nrequirements.                                           (PIV)\tcards\tto\tmultifactor\tauthentication.\t\n\nThe 2011 FISMA assessment addressed the follow\xc2\xad                   R E C O M M E N D AT I O N S\ning security requirements:                              On February 2, 2012, the OIG issued a final report\n                                                        containing\tthe\treview\xe2\x80\x99s\tfindings\tand\tthe\tfollowing\t\n\xe2\x80\xa2\t   risk\tmanagement                                    13 recommendations to address those findings:\n\xe2\x80\xa2\t   configuration\tmanagement\n\xe2\x80\xa2\t   incident\tresponse\tand\treporting                    (1) OIT should develop and implement a detailed\n\xe2\x80\xa2\t   security\ttraining                                      plan to review and update OIT security policies\n\xe2\x80\xa2\t   evaluation\tof\tagency\tplan\tof\taction\tand\tmile\xc2\xad          and procedures and to create OIT security poli\xc2\xad\n     stones process                                         cies and procedures for areas that lack formal\n\xe2\x80\xa2\t   remote\taccess\tmanagement                               policies and procedures.\n\xe2\x80\xa2\t   identity\tand\taccess\tmanagement\n\xe2\x80\xa2\t   continuous\tmonitoring\tmanagement                   (2) OIT should develop a comprehensive risk\n\xe2\x80\xa2\t   contingency\tplanning                                   management strategy in accordance with the\n\xe2\x80\xa2\t   agency\toversight\tof\tcontractor\tsystems                 NIST Guide for Applying the Risk Manage\xc2\xad\n\xe2\x80\xa2\t   security\tcapital\tplanning                              ment Framework to Federal Information\n                                                            Systems: A Security Life Cycle Approach that\nNIT\treviewed\tand\tevaluated\tthe\tCommission\xe2\x80\x99s\t                will ensure that management of system-related\nimplementation of information security require\xc2\xad             security risks is consistent with the Commis\xc2\xad\nments and provided the OIG with the results of              sion\xe2\x80\x99s\tmission/business\tobjectives\tand\toverall\t\nits assessment and its recommended responses for            risk strategy.\nsubmission\tto\tOMB\tthrough\tOMB\xe2\x80\x99s\tonline\tFISMA\t\nreporting system and for compiling the 2011 FISMA       (3) OIT should update its current risk management\nExecutive\tSummary\tReport.\tNIT\xe2\x80\x99s\treview\tincluded\t            policy to include language regarding develop\xc2\xad\ninterviewing key OIT personnel and examining poli\xc2\xad          ing a comprehensive governance structure and\ncies, procedures, and related documentation.                ensure that management of system-related\n                                                            security risks is consistent with the Commis\xc2\xad\n                    R E S U LT S                            sion\xe2\x80\x99s\tmission/business\tobjectives\tand\toverall\t\nDuring the review, NIT made the following five key          risk strategy.\nfindings:\t\t(1)\tOIT\xe2\x80\x99s\tFISMA\tpolicies\tand\tprocedures\t\nwere\toutdated\tor\tnonexistent;\t(2)\tOIT\xe2\x80\x99s\trisk\tman\xc2\xad       (4) OIT should develop and implement a formal\nagement policy did not adhere to requirements for           risk management procedure that identifies\na comprehensive governance structure and organi\xc2\xad            an acceptable process for evaluating system\nzational overall risk management strategy and did           risk\tand\tis\tconsistent\twith\tthe\tCommission\xe2\x80\x99s\t\nnot address risk from a mission and business process        mission/business\tobjectives\tand\toverall\trisk\t\nperspective, as described in NIST guidelines; (3) OIT       strategy.\n\n\n\n\n                                                        OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                   |   23\n\x0c(5)\t OIT should develop and implement a formal           (11) OIT should update its policy and include\n     policy that addresses tailoring baseline security        language indicating that deviations from the\n     control sets.                                            baseline configurations that are identified and\n                                                              documented as a result of the configuration\n(6)\t OIT should determine whether it should                   compliance scans are properly remediated in a\n     perform the tailoring process at the organiza\xc2\xad           timely manner.\n     tion level for all information systems (either as\n     the required tailored baseline or as the starting   (12) OIT should provide a new date to OMB for\n     point for system-specific tailoring) at the              implementing the technical solution for linking\n     individual information system level, or using a          multifactor\tauthentication\tto\tPIV\tcards\tfor\t\n     combination of organization-level and system-            system authentication.\n     specific approaches.\n                                                         (13) OIT should complete its implementation of\n(7)\t OIT should tailor a baseline security controls           the technical solution for linking multifactor\n     set (with rationale) for applicable systems in           authentication\tto\tPIV\tcards\tfor\tsystem\tauthen\xc2\xad\n     accordance with the guidance provided by the             tication\tand\trequire\tuse\tof\tPIV\tcards\tas\ta\tsec\xc2\xad\n     NIST Guide for Applying the Risk Manage\xc2\xad                 ond authentication factor by December 2012.\n     ment Framework to Federal Information\n     Systems: A Security Life Cycle Approach, and        Management\tconcurred\twith\tall\tof\tthe\treport\xe2\x80\x99s\trec\xc2\xad\n     the NIST Recommended Security Controls for          ommendations. The report is available on the OIG\n     Federal Information Systems and Organiza\xc2\xad           website at http://www.sec-oig.gov/Reports/Audits\xc2\xad\n     tions.                                              Inspections/2012/501.pdf.\n\n(8)\t OIT should review and update its configu\xc2\xad\n     ration management policy to ensure that it          PENDING AUDITS AND EVALUATIONS\n     complies with the requirements of FISMA\n     and with the guidelines specified in the NIST       Review of SEC\xe2\x80\x99s Continuity of Operations Plan\n     Recommended Security Controls for Federal           A\tcontinuity\tof\toperations\t(COOP)\tplan\tis\tessential\t\n     Information Systems and Organizations, as           for maintaining critical agency operations dur\xc2\xad\n     well as with its internal requirements.             ing disruptions that affect normal operations. The\n                                                         SEC\xe2\x80\x99s\tOffice\tof\tthe\tChief\tOperating\tOfficer\trecently\t\n(9)\t OIT should review and document its current          assumed\toverall\tresponsibility\tfor\tCOOP\tplanning\t\n     standard baseline configuration, including          for\tthe\tCommission.\tThe\tSEC\xe2\x80\x99s\tChief\tInformation\t\n     identification of approved deviations and           Officer has oversight responsibility for the disaster\n     exceptions to the standard.                         recovery\tcomponent\tof\tthe\tSEC\xe2\x80\x99s\tCOOP\tplan.\t\n\n(10) OIT should conduct compliance scans of its          The\tSEC\thas\tformal\tCOOP\tpolicies\tand\tprocedures\t\n     information technology devices, according           and\tconducts\tperiodic\ttesting\tof\tits\tCOOP\tplan.\t\n     to the organizationally defined frequency in        However, a recently issued OIG report found that\n     the policy and procedures, to ensure that all       OIT failover testing for certain internal informa\xc2\xad\n     devices\tare\tconfigured\tas\trequired\tby\tOIT\xe2\x80\x99s\t        tion technology applications had been unsuccessful.\n     configuration management policy and                 Another recently issued OIG report found that the\n     procedures.                                         SEC\xe2\x80\x99s\tregional\toffices\tlacked\tviable\tCOOP\tplans\t\n\n\n\n\n24   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cand that the SEC had not tested the maximum user             member agencies and the Special Inspector General\nlimit\tfor\tremote\taccess\tto\tthe\tSEC\xe2\x80\x99s\tnetwork.                for\tthe\tTroubled\tAsset\tRelief\tProgram).\tCIGFO\t\n                                                             was established to (1) facilitate information sharing\nThe OIG contracted with TWM Associates, Inc.,                among the inspectors general of these entities, (2)\nto\tconduct\ta\treview\tof\tthe\tSEC\xe2\x80\x99s\tCOOP\tplan.\tThe\t             provide a forum for discussing work as it relates\nobjectives\tof\tthe\treview\tare\tto\tdetermine\twhether\t           to the broader financial sector, and (3) evaluate the\nthe\tSEC\thas\ta\tviable\tCOOP\tplan\tsufficient\tto\t                effectiveness and internal operations of FSOC.\nsupport\tthe\tSEC\xe2\x80\x99s\toperations\tat\tits\theadquarters,\t\nOperations Center, Alternate Data Center, and 11             CIGFO has established a working group of inspec\xc2\xad\nregional offices. TWM Associates, Inc., will also            tors general to examine the controls and protocols\ndetermine whether the SEC is adequately prepared             that FSOC and its member agencies are using to\nto perform essential functions during a business             ensure that FSOC-collected information, delibera\xc2\xad\ncontinuity or disaster recovery event, such as a             tions, and decisions are properly safeguarded from\nhuman or natural disaster, national emergency, or            unauthorized disclosure. Members of the CIGFO\ntechnology\tfailure\tthat\tcould\taffect\tthe\tSEC\xe2\x80\x99s\tability\t      working\tgroup\twill\treview\ttheir\trespective\tagency\xe2\x80\x99s\t\nto continue mission-critical and essential functions.        management and internal controls over sensitive and\n                                                             proprietary information collected by and exchanged\n                                                             with FSOC. These reviews will use a standard work\nThe SEC\xe2\x80\x99s Controls Over Sensitive and Pro\xc2\xad                   program to ensure that working group members\nprietary Information Collected and Exchanged                 take a consistent approach to their reviews. The\nWith the Financial Stability Oversight Council               inspectors general will relay their findings to their\nThe OIG has initiated an audit to identify the con\xc2\xad          respective FSOC member agencies, and CIGFO will\ntrols and protocols that the SEC uses to safeguard           incorporate the results of all FSOC member reviews\nsensitive and proprietary information collected by           into a consolidated working group report.\nand exchanged with the Financial Stability Over\xc2\xad\nsight Council (FSOC). FSOC, which was created\nby the Dodd-Frank Act, is charged with identifying           Assessment of the SEC\xe2\x80\x99s Records\nthreats to the financial stability of the country, pro\xc2\xad      Management Practices\nmoting market discipline, and responding to emerg\xc2\xad           Congress established the National Archives and\ning\trisks\tthat\tcould\taffect\tthe\tstability\tof\tthe\tnation\xe2\x80\x99s\t   Records Administration (NARA) in 1934 to cen\xc2\xad\nfinancial\tsystem.\tFSOC\xe2\x80\x99s\tmember\tagencies\tare\tthe\t            tralize\tfederal\trecord\tkeeping.\tNARA\xe2\x80\x99s\tmission\tis\tto\t\nBoard of Governors of the Federal Reserve System,            serve the public by safeguarding and preserving the\nthe Commodity Futures Trading Commission, the                records of the U.S. government, ensuring that the\nFederal Deposit Insurance Corporation, the Federal           people can discover, use, and learn from this docu\xc2\xad\nHousing Finance Agency, the National Credit Union            mentary heritage. All federal agencies are required\nAdministration, the Office of the Comptroller of             to create a records management program that will\nthe Currency, the SEC, and the Department of the             enable them to properly maintain or dispose of their\nTreasury.                                                    records with assistance from NARA.\n\nThe Dodd-Frank Act also created the Council                  Through\ta\treorganization\tin\tJuly\t2010,\tthe\tSEC\xe2\x80\x99s\t\nof Inspectors General on Financial Oversight                 Office of FOIA, Records Management, and Security\n(CIGFO), which includes inspectors general from              assumed responsibility for the Office of Records\nnine\tmajor\tfederal\tfinancial\tentities\t(the\teight\tFSOC\t       Management Services (ORMS). ORMS is respon-\n\n\n\n\n                                                             OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                  |   25\n\x0csible for coordinating, overseeing, and implement\xc2\xad        that may affect the Commission or the U.S. financial\ning\tthe\tSEC\xe2\x80\x99s\tagencywide\trecords\tmanagement\t              markets and advice on and analysis of actual or\nprogram.                                                  proposed U.S. regulations that may have interna\xc2\xad\n                                                          tional impact.\nThe OIG is conducting an audit to examine whether\nORMS                                                      OIA also serves as a focal point for international\n                                                          travel by SEC staff. It reviews all foreign travel prior\n\xe2\x80\xa2\t   has\testablished\ta\tviable\trecords\tmanagement\t         to its approval by the Office of the Chief Operating\n     program that ensures that permanent SEC              Officer, obtains country clearances from the U.S.\n     records are appropriately maintained and             Department of State and any visas that are required,\n     preserved in accordance with applicable federal      and provides international travel guidance on the\n     statutes and regulations; and                        SEC\xe2\x80\x99s\tinternal\twebsite.\n\xe2\x80\xa2\t   adheres\tto\tapplicable\tfederal\tstatutes\tand\t\n     regulations regarding the retention, disposal,       The OIG is currently conducting an audit of OIA to\n     transfer, and recovery of SEC records.               assess whether OIA\n\nWhere appropriate, the OIG will identify areas for        \xe2\x80\xa2\t   has\testablished\tviable\tpolicies,\tprocedures,\tand\t\nimprovement and best practices.                                controls for its program activities;\n                                                          \xe2\x80\xa2\t   effectively\ttracks\tand\tprocesses\trequests\tfor\t\n                                                               technical assistance and enforcement assistance\nAssessment of the Operating Effectiveness of                   in a timely manner;\nthe Office of International Affairs                       \xe2\x80\xa2\t   has\tdeveloped\ta\tprogram\tthat\tensures\tSEC\t\nThe Office of International Affairs (OIA) plans,               employees\xe2\x80\x99\tinternational\ttravel\tis\tappropriately\t\ndevelops, and conducts overseas and U.S.-based                 processed through OIA;\ntrainings and technical assistance for foreign regula\xc2\xad    \xe2\x80\xa2\t   adequately\tcommunicates\tthe\tSEC\xe2\x80\x99s\tinterna\xc2\xad\ntory and law enforcement officials, generally from             tional travel requirements related procedures to\nemerging securities markets. It provides advice on             SEC employees; and\nand assists with cross-border securities investiga\xc2\xad       \xe2\x80\xa2\t   appropriately\tconducts\tand\treports\tits\tstaff\xe2\x80\x99s\t\ntions and litigation originating from the Commis\xc2\xad              international travel in accordance with appli\xc2\xad\nsion, mainly the Division of Enforcement, or from              cable federal regulations and internal policies\nforeign securities regulators and law enforcement              and procedures.\nagencies, utilizing multilateral, bilateral, and other\narrangements and understandings to facilitate infor\xc2\xad      Where appropriate, the OIG will identify areas for\nmation gathering and sharing.                             improvement and best practices.\n\nOIA participates in international policy initiatives in\nlarge part through its involvement in standards-set\xc2\xad      Assessment of the SEC\xe2\x80\x99s Hiring Practices for\nting organizations such as the International Orga\xc2\xad        Senior-Level Positions\nnization of Securities Commissions, which have as         The OIG has received several complaints and allega\xc2\xad\ntheir\tobjective\tthe\timplementation\tof\thigh-quality\t       tions\trelated\tto\tthe\tSEC\xe2\x80\x99s\tfailure\tto\tfollow\testab\xc2\xad\nmultinational securities regulations and accounting,      lished policies and procedures in connection with\nauditing, and enforcement policies and practices.         hiring or promoting some senior-level staff.\nIn addition, OIA provides advice on and analysis          As a result, the OIG is conducting an audit of the\nof regulatory policy initiatives in foreign countries     Commission\xe2\x80\x99s\thiring\tpractices\tfor\tits\tcivil\tservice\t\n\n\n\n\n26   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0csenior-level\tpositions.\tThe\tobjectives\tof\tthe\taudit\tare\t   broker-dealers, investment advisers, self-regulatory\nto examine whether the Office of Human Resources           organizations, other government agencies, and for\xc2\xad\n(OHR)                                                      eign regulators. Divisions and offices throughout the\n                                                           SEC\xe2\x80\x99s\tWashington,\tD.C.,\theadquarters,\tas\twell\tas\t\n\xe2\x80\xa2\t   adheres\tto\tapplicable\tfederal\tstatutes\tand\tregu\xc2\xad      the\tSEC\xe2\x80\x99s\t11\tregional\toffices,\treceive\tTCRs,\twhich\t\n     lations and has developed and implemented             come in through a variety of means, including web\n     policies and procedures to fill senior-level SEC      forms, e-mail, telephone, regular mail, and personal\n     vacancies for competitive service positions,          interactions with SEC staff.\n     excepted service positions, and senior officer\n     positions;                                            As part of its mission to protect investors and ensure\n\xe2\x80\xa2\t   ensures\tthat\tthe\tSEC\xe2\x80\x99s\thiring\tand\tpromotion\t          market integrity, the SEC conducted a comprehen\xc2\xad\n     practices are carried out in a fair and consistent    sive review of its processes for receiving, recording,\n     manner and in accordance with applicable fed\xc2\xad         tracking, and taking action on TCRs. The review\n     eral statutes and regulations and OHR policy          resulted in a comprehensive improvement plan that\n     requirements;                                         addressed\tthe\tSEC\xe2\x80\x99s\tpolicies,\tprocesses,\tand\tinfor\xc2\xad\n\xe2\x80\xa2\t   adequately\tand\ttimely\tcommunicates\tits\thiring\t        mation systems related to TCRs. In March 2011, as\n     authority, decisions, and changes therein to          part of the improvement plan, the SEC implemented\n     SEC staff responsible for processing hiring and       a new system to enable the SEC to gather TCRs\n     promotion actions;                                    and support the internal business process to review,\n\xe2\x80\xa2\t   ensures\tthat\thiring\tand\tpromotion\tdecisions\t          analyze, qualify, and report on the TCRs submitted.\n     are documented in accordance with applicable\n     federal statutes and regulations; and                 The OIG will conduct an audit that examines the\n\xe2\x80\xa2\t   has\ttaken\tappropriate\taction,\tin\taccordance\t          SEC\xe2\x80\x99s\tTCR\tsystem\tand\twill\tassess\t\n     with applicable federal statutes and regulations\n     and OHR policy, when it has received notifica\xc2\xad        \xe2\x80\xa2\t   whether\tthe\tSEC\treceives,\trecords,\ttracks,\tand\t\n     tion that SEC staff have been improperly hired             escalates TCR items in accordance with internal\n     or promoted.                                               policies and procedures, laws, and regulations;\n                                                           \xe2\x80\xa2\t   the\taccuracy\tand\tcompleteness\tof\tdata\tand\t\n                                                                reports generated from the TCR system; and\nAudit of the SEC\xe2\x80\x99s Tips, Complaints, and                   \xe2\x80\xa2\t   the\tcontrols\tand\tprocedures\tutilized\tto\tensure\t\nReferrals System                                                the accuracy and completeness of the trans\xc2\xad\nThe SEC typically receives thousands of tips,                   fer of information from the old interim TCR\ncomplaints, and referrals (TCR) every year from                 repository to the new TCR system.\ninvestors and the general public, as well as from\n\n\n\n\n                                                           OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                  |   27\n\x0c\x0cInvestigations\n\nOVERVIEW                                                   and answered 24 hours a day, 7 days a week. Com\xc2\xad\n\n\n\nT\n        he\tOIG\xe2\x80\x99s\tOffice\tof\tInvestigations\tresponds\t        plaints may also be made to the Hotline through an\n        to allegations of violations of statutes, rules,   online complaint form, which is accessible through\n        and regulations and other misconduct by            the\tOIG\xe2\x80\x99s\twebsite.\tIn\taddition\tto\tbeing\ta\tmecha\xc2\xad\nSEC staff and contractors. The misconduct investi\xc2\xad         nism\tfor\treceiving\tcomplaints,\tthe\tOIG\xe2\x80\x99s\twebsite\t\ngated ranges from criminal wrongdoing and fraud            provides the public with an overview of the work of\nto violations of SEC rules and policies and the            the Office of Investigations, as well as links to some\ngovernmentwide standards of conduct.                       investigative memoranda and reports issued by\n                                                           the Office of Investigations. The OIG also receives\nThe Office of Investigations conducts thorough and         allegations from SEC employees of waste, abuse,\nindependent investigations into allegations received       misconduct, or mismanagement within the Com\xc2\xad\nin accordance with CIGIE Quality Standards for             mission through the OIG SEC Employee Suggestion\nInvestigations and the OIG Investigations Manual.          Program,\twhich\twas\testablished\tpursuant\tto\tsection\t\nThe Investigations Manual contains the procedures          966 of the Dodd-Frank Act.\nby which the OIG conducts its investigations and\npreliminary inquiries and implements CIGIE Qual\xc2\xad           The OIG reviews and analyzes all complaints\nity Standards. The Investigations Manual sets forth        received to determine the appropriate course of\nspecific guidance on, among other things, OIG              action. In instances where it is determined that\ninvestigative authorities and policies, investigator       something less than a full investigation is appropri\xc2\xad\nqualifications, independence requirements, proce\xc2\xad          ate, the OIG may conduct a preliminary inquiry\ndures for conducting investigations and preliminary        into the allegation. If the information obtained\ninquiries, coordination with the U.S. Department of        during the inquiry indicates that a full investiga\xc2\xad\nJustice (DOJ), and issuing reports of investigation.       tion is warranted, the Office of Investigations\n                                                           will commence an investigation of the allegation.\nThe OIG receives complaints through the OIG                When an investigation is opened, the primary OIG\nComplaint Hotline, an office electronic mailbox,           investigator assigned to the case prepares a com\xc2\xad\nmail, facsimile, and telephone. The OIG Complaint          prehensive plan of investigation that describes the\nHotline consists of both telephone and web-based           focus and scope of the investigation, as well as the\ncomplaint mechanisms. Complaints may be made               specific investigative steps to be performed during\nanonymously by calling the Hotline, which is staffed       the investigation. The OIG investigator interviews\n\n\n\n\n                                                           OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                   |   29\n\x0cthe complainant whenever feasible and conducts           INVESTIGATIONS AND INQUIRIES\nsignificant interviews under oath and on the record.     CONDUCTED\nThe OIG investigator may give assurances of confi\xc2\xad\ndentiality to potential witnesses who have expressed     Destruction of Records and Related Incomplete\na reluctance to come forward.                            Statements (Report No. OIG-567)\n                                                         On June 15, 2011, the OIG opened an investigation\nWhere allegations of criminal conduct are involved,      into\tallegations\tthat\tthe\tSEC\xe2\x80\x99s\tDivision\tof\tEnforce\xc2\xad\nthe Office of Investigations notifies and works with     ment (Enforcement) improperly destroyed records\nDOJ and the Federal Bureau of Investigation (FBI),       relating to matters under inquiry (MUI) over the\nas appropriate. The OIG also obtains necessary           past two decades, and that the SEC made mislead\xc2\xad\ninvestigative\tassistance\tfrom\tthe\tSEC\xe2\x80\x99s\tOffice\tof\t       ing statements in a response that was sent to the\nInformation Technology, including the prompt             National Archives and Records Administration\nretrieval of employee e-mails and forensic analysis      (NARA)\tconcerning\tthe\tSEC\xe2\x80\x99s\tpotential\tunauthor\xc2\xad\nof computer hard drives. The OIG investigative staff     ized destruction of MUI records. After the OIG\nalso\tconsults\tas\tnecessary\twith\tthe\tCommission\xe2\x80\x99s\t        opened this investigation, it was further alleged\nEthics Counsel to coordinate activities.                 that the SEC did not have the authority to destroy\n                                                         three categories of documents that are currently not\nUpon completion of an investigation, the OIG inves\xc2\xad      scheduled with NARA: (1) documents produced\ntigator prepares a comprehensive report of investiga\xc2\xad    by third parties, (2) internal work product, and (3)\ntion that sets forth in detail the evidence obtained     internal e-mails.\nduring the investigation. Investigative matters are\nreferred to SEC management and DOJ as appropri\xc2\xad          During this investigation, the OIG requested and\nate. The OIG does not publicly release its reports       reviewed numerous documents from Enforcement\nof investigation because they contain nonpublic          and the Office of Records Management Services.\ninformation. Decisions regarding whether an OIG          The OIG also obtained and searched the e-mails\ninvestigative report should be publicly released, in     of 6 current and former SEC employees\xe2\x80\x94a total\nresponse to a Freedom of Information Act request or      of over 500,000 e-mails. The OIG took the sworn\notherwise, are made by the Commission.                   testimony of 11 current and former SEC employees\n                                                         who had knowledge of the facts relevant to this\nIn many investigative reports provided to SEC            investigation. In addition, the OIG interviewed 12\nmanagement, the OIG makes specific findings and          current and former SEC employees, and one other\nrecommendations, including whether the OIG               individual.\tThe\tOIG\tfurther\treviewed\tEnforcement\xe2\x80\x99s\t\nbelieves disciplinary or other action should be          database records for MUIs. Finally, the OIG sought\ntaken. The OIG requests that management report           and received a written opinion from NARA on\nback disciplinary or other actions taken in response     several issues that were related to MUI documents\nto\tthe\tOIG\xe2\x80\x99s\trecommendations\twithin\t45\tdays\tof\t          and\tthe\tSEC\xe2\x80\x99s\tresponse\tto\tNARA.\nthe issuance of the report. The OIG follows up as\nappropriate with management to determine the sta\xc2\xad        The OIG issued a report of investigation to man\xc2\xad\ntus of disciplinary action taken in matters referred     agement on October 5, 2011, which found that\nby the OIG. The OIG may also make recommen\xc2\xad              for at least 30 years, Enforcement had opened\ndations for improvements in policies, procedures,        MUIs\tas\t\xe2\x80\x9cpre-investigation\tinquiries.\xe2\x80\x9d\t\tMUIs\tare\t\nand internal controls in its investigative reports and   distinct from formal investigations in Enforcement\nclosed 29 such investigative recommendations dur\xc2\xad        and, according to a memorandum from a former\ning the reporting period.                                Enforcement director, are \xe2\x80\x9copened to collect and\n\n\n\n\n30   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0canalyze information to determine whether an             into the apparent unauthorized disposal of federal\nenforcement\tinvestigation\tshould\tbe\tinstituted.\xe2\x80\x9d\t\t      records. However, the OIG found that in the process\nThe OIG investigation found that it had been            of drafting a response to NARA, the SEC made no\nEnforcement\xe2\x80\x99s\tpolicy\tfrom\t1981,\twhen\tMUIs\twere\t         inquiries to determine whether MUI records were\nfirst created, until July 20, 2010, to dispose of all   in fact destroyed. Instead, Enforcement declared\ndocuments related to MUIs that were closed with\xc2\xad        in a letter dated August 27, 2010, that it was \xe2\x80\x9cnot\nout becoming investigations. According to Enforce\xc2\xad      aware of any specific instances of the destruction of\nment, from October 1, 1992, to July 20, 2010,           records from any [MUIs that were closed without\nEnforcement had opened 23,289 MUIs, and 10,468          a subsequent formal investigation], but [could not]\nof these MUIs had been closed without becoming          say with certainty that no such documents have\nan investigation or another MUI.                        been\tdestroyed\tover\tthe\tpast\tseventeen\tyears.\xe2\x80\x9d\t\t\n\nThe\tOIG\tinvestigation\tfound\tthat\tEnforcement\xe2\x80\x99s\t         The\tOIG\tfound\tthat\tthe\tSEC\xe2\x80\x99s\tAugust\t27,\t2010,\t\ncase closing manual, which had been posted on           response to NARA did not comply with federal\nEnforcement\xe2\x80\x99s\tintranet\tsince\tat\tleast\t2001,\tspecifi\xc2\xad    regulations because it did not provide \xe2\x80\x9ca complete\ncally directed Enforcement attorneys as follows:        description of the records with volume and dates if\n\xe2\x80\x9cAfter you have closed a MUI that has not become        known\xe2\x80\x9d\tand\t\xe2\x80\x9ca\tstatement\tof\tthe\texact\tcircumstanc\xc2\xad\nan investigation, you should dispose of any docu\xc2\xad       es surrounding the removal, defacing, alteration or\nments\tobtained\tin\tconnection\twith\tthe\tMUI.\xe2\x80\x9d\tThe\t        destruction\tof\trecords\xe2\x80\x9d\tas\trequired\tby\t36\tC.F.R.\t\nOIG did not find evidence of an improper motive         \xc2\xa7 1230.14(a). In addition, the OIG found that the\nbehind\tEnforcement\xe2\x80\x99s\tlongstanding\tpolicy\tof\t            SEC\xe2\x80\x99s\tresponse\tto\tNARA\tomitted\tinformation\t\ndestroying documents related to closed MUIs that        important to understanding the scope and nature of\ndid not become investigations, although the ratio\xc2\xad      the issue related to the destruction of MUI records.\nnale for the policy was unclear.                        Most\tsignificantly,\tthe\tSEC\xe2\x80\x99s\tresponse\tomitted\tthe\t\n                                                        fact\tthat\tit\thad\tbeen\tEnforcement\xe2\x80\x99s\tpolicy\tto\tdestroy\t\nThe OIG investigation also found that Enforcement       all documents related to closed MUIs that did not\nstaff destroyed documents related to closed MUIs        become investigations. Despite the statement in the\nthat should have been preserved as federal records.     SEC\xe2\x80\x99s\tAugust\t27,\t2010,\tresponse\tletter\tthat\tEnforce\xc2\xad\nThese documents included anonymous correspon\xc2\xad           ment was not aware of any specific instances of\ndence and complaints, correspondence from the           the destruction of records from any MUI that was\nSEC requesting documents from companies in the          closed without a subsequent formal investigation,\ncourse of MUIs, and correspondence that accompa\xc2\xad        the OIG found that Enforcement was aware of at\nnied\tcompanies\xe2\x80\x99\tdocument\tproduction\tresponses.\t         least one specific instance when records from a MUI\nHowever, notwithstanding these instances of record      closed without a subsequent formal investigation\ndestruction in connection with MUIs that were           were destroyed.\nclosed without becoming investigations, the OIG\nwas not aware of a particular investigation that was    The OIG investigation also found that although\nhampered by the destruction of records for a MUI.       Enforcement, pursuant to its longstanding policy,\n                                                        had destroyed three categories of documents that\nThe OIG investigation also found that after an SEC      are currently not scheduled (documents produced\nEnforcement attorney informed NARA in June              by third parties, internal work product, and internal\n2010 that the SEC had been destroying records           e-mails),\tthe\tSEC\xe2\x80\x99s\tarchivist\topined\tthat\tthese\tdocu\xc2\xad\nrelating to MUIs for years, NARA sent a letter to       ments were not records that were required to be\nthe SEC on July 29, 2010, asking the SEC to look        retained. Although it did not appear that the three\n\n\n\n\n                                                        OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                  |   31\n\x0ccategories of documents were improperly destroyed,       A\tpublic\tversion\tof\tthe\tOIG\xe2\x80\x99s\treport\tis\tavailable\ton\t\nthe OIG recommended that the SEC seek formal             the\tCommission\xe2\x80\x99s\twebsite\tat\thttp://www.sec.gov/\nguidance from NARA to ensure that these docu\xc2\xad            foia/docs/oig-567.pdf.\nments are disposed of in accordance with federal\nlaw.\n                                                         Allegations of Violation of Conflict of Interest\nThe OIG did not find evidence that the individuals       Statute by Former Senior Enforcement Official\nwho were responsible for preparing the August 27,        (Report No. OIG-564)\n2010, response to NARA intentionally made mate\xc2\xad          On June 15, 2011, the OIG opened an investiga\xc2\xad\nrially false statements. However, the OIG did find       tion into allegations that a former senior official\nthat certain senior Enforcement officials, in light      in Enforcement may have played an improper role\nof the information available to them, should have        in the decision not to recommend an enforcement\ndrafted a response to NARA that was more forth\xc2\xad          action against a large international financial institu\xc2\xad\ncoming. Accordingly, the OIG referred this matter        tion shortly before he left employment at the SEC.\nto the Director of Enforcement for oral instruction      Specifically, the OIG investigated whether Enforce\xc2\xad\nor counseling of those individuals on the importance     ment previously decided to close an investigation\nof providing full and complete responses to official     of the financial institution without recommending\nrequests from federal agencies such as NARA.             action against it because the senior Enforcement\n                                                         official was pursuing an employment opportunity\nThe OIG also recommended that Enforcement                with the institution. The OIG also investigated\n(1) take appropriate steps as necessary, including       whether there was any relationship between or quid\ncoordination with Enforcement attorneys nation\xc2\xad          pro quo\tregarding\tEnforcement\xe2\x80\x99s\tdecision\tto\tclose\t\nwide, to determine what federal records from             the investigation of the institution and the senior\nclosed MUIs are retrievable, and ensure that any         official\xe2\x80\x99s\tsubsequent\temployment\tat\tthe\tinstitution.\nsuch federal records are retained in the same man\xc2\xad\nner that investigative records are retained pursuant     In the course of the investigation, the OIG obtained\nto the current schedule with NARA; (2) work with         and searched over 200,000 e-mails of 15 current\nthe\tSEC\xe2\x80\x99s\tOffice\tof\tRecords\tManagement\tServices\t         and former SEC employees. The OIG also took the\nand NARA to determine which MUI and investiga\xc2\xad           sworn testimony of four current SEC employees and\ntive records are legally required to be retained; (3)    interviewed four former SEC employees. In addi\xc2\xad\ndetermine if there are additional federal records        tion, the OIG reviewed documents produced by\nthat, while not legally required to be retained,         SEC staff that were related to Enforcement investi\xc2\xad\nshould be retained as a matter of Enforcement            gations and MUIs concerning the financial institu\xc2\xad\nprogram policy to enable Enforcement staff to            tion, as well as Enforcement database records.\nunderstand what investigative work has been done\nin closed MUIs and investigations, or for other          On October 19, 2011, the OIG issued its report\npolicy reasons; and (4) review its guidance, includ\xc2\xad     of investigation in this matter. The investigation\ning guidance related to automatically generated          did not find evidence substantiating the allegation\ne-mails, to ensure that it is consistent with Enforce\xc2\xad   that the former senior Enforcement official played\nment\xe2\x80\x99s\tfederal\trecord\tretention\tlegal\tobligations.\t      an\timproper\trole\tin\tthe\tSEC\xe2\x80\x99s\tdecision\tto\tclose\tits\t\nAs of the end of the semiannual reporting period,        investigation of the institution or that there was\nmanagement had not yet taken action to fully             a relationship between or quid pro quo regarding\naddress\tthe\tOIG\xe2\x80\x99s\trecommendations.                       the\tSEC\xe2\x80\x99s\tdecision\tto\tclose\tthe\tinvestigation\tand\t\n\n\n\n\n32   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cthe\tformer\tsenior\tEnforcement\tofficial\xe2\x80\x99s\teventual\t      OIG took the sworn testimony of 24 SEC employ\xc2\xad\nemployment by the institution. The OIG found            ees who had knowledge of the facts relevant to this\nevidence that the former senior Enforcement official    investigation and reviewed 2 testimonies taken in\nhad recused himself from the investigation upon         previous OIG matters. In addition, the OIG inter\xc2\xad\ninitiation of his employment discussions with the       viewed 3 current SEC employees.\ninstitution and that he had not made the decision\nto close the investigation. Because the OIG found       Specifically,\tthe\tOIG\xe2\x80\x99s\tinvestigation\tdid\tnot\tsubstan\xc2\xad\nthat the former senior Enforcement official had not     tiate allegations of staff misconduct pertaining to\nplayed a role in the decision to close the investiga\xc2\xad   (1) preselection of a senior manager; (2) improper\ntion of the institution in 2001, the OIG did not find   use of time and attendance codes; (3) abuse of travel\nany appearance of impropriety by the former senior      compensatory time; (4) waste of travel resources;\nEnforcement official regarding the decision to close    (5) improper approval of alternate work schedules,\nthe investigation. The OIG also did not find that       overtime, and holiday pay; (6) disclosure of confi\xc2\xad\nthe senior Enforcement official played a role in a      dential information; (7) inappropriate comments\nprevious MUI concerning the institution.                in the workplace; (8) abusive treatment of staff; (9)\n                                                        perjury\tin\tOIG\ttestimony;\t(10)\tan\timproper\ttraining\t\n                                                        decision; and (11) unprofessional conduct. How\xc2\xad\nInvestigation of Alleged Ethics Violations,             ever,\tthe\tOIG\xe2\x80\x99s\treport\tof\tinvestigation,\tissued\ton\t\nMisconduct, and Time and Attendance Abuse               January 24, 2012, found some areas of concern.\nat a Regional Office (Report Nos. OIG-562\nand PI 10-61)                                           The most significant area of concern found during\nThe OIG opened an investigation on May 4, 2011,         the investigation was evidence that a senior attor\xc2\xad\nincorporating several anonymous complaints that         ney made oral or written comments of an inap\xc2\xad\nreferenced\ta\tregional\toffice\xe2\x80\x99s\tstaff\tmembers.\tThe\t      propriate or sexual nature over the last 12 years\nallegations included claims of general misconduct,      despite being disciplined for his improper behavior.\ntime\tand\tattendance\tabuse,\tmistreatment,\tjob\tprese\xc2\xad     In addition, while investigating the concerns about\nlection, waste of travel resources, and disclosure of   the\tsenior\tattorney\xe2\x80\x99s\tinappropriate\tcomments,\tthe\t\nconfidential information. The OIG also considered       OIG discovered that he had used his government-\nallegations regarding travel policy misconduct at the   issued travel card for personal reasons and used his\nregional office. After opening the investigation, the   government-issued e-mail account inappropriately.\nOIG continued to receive anonymous allegations          Based on these findings, the OIG referred the mat\xc2\xad\npertaining to a wide range of misconduct at the         ter to management for disciplinary action, up to\nregional office.                                        and including termination.\n\nIn total, the OIG investigated 23 complaints.           Although the OIG did not substantiate allegations\nTogether, these complaints alleged that 27 different    that a regional office attorney engaged in time\nregional office staff members engaged in various        and attendance abuse, the OIG did find that the\nforms of misconduct. The OIG conducted a com\xc2\xad           attorney\xe2\x80\x99s\ttime\tand\tattendance\trecords\terroneously\t\nprehensive and thorough investigation and found         indicated that he was in the office working on a day\nthat many of the complaints were unsubstantiated        when he was on vacation. Accordingly, the OIG rec\xc2\xad\nand others had already been addressed by manage\xc2\xad        ommended\tthat\tthe\tattorney\xe2\x80\x99s\ttime\tand\tattendance\t\nment. During the course of the investigation, the       record be amended to reflect appropriate leave.\n\n\n\n\n                                                        OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                  |   33\n\x0cIn\taddition,\tthe\tOIG\xe2\x80\x99s\tinvestigation\tdetermined\t         Management had not yet taken action with respect\nthat a regional office manager provided the names        to\tthe\tOIG\xe2\x80\x99s\trecommendations\tat\tthe\tend\tof\tthis\t\nof certain securities law firms to a registrant who      reporting period.\nultimately used that information to hire a former\nSEC attorney as his counsel in connection with his\ntestimony in an Enforcement matter. Although fed\xc2\xad        Allegation of Favorable Treatment Provided\neral employees are ethically prohibited from making      by Regional Office to Prominent Law Firm\nendorsements while serving in their official capacity,   (Report No. OIG-536)\nthe SEC Ethics Counsel opined that providing law         The OIG completed its investigation into a com\xc2\xad\nfirm names was not necessarily akin to an endorse\xc2\xad       plaint that regional office attorneys provided favor\xc2\xad\nment. Therefore, the OIG did not recommend any           able treatment to a prominent law firm with respect\ndisciplinary or other administrative action against      to\tthe\tfirm\xe2\x80\x99s\talleged\trole\tin\tcomputer\ttampering,\t\nthe\tmanager.\tThe\tOIG\xe2\x80\x99s\tinvestigation\talso\tsubstanti\xc2\xad     and the potential cover-up of that tampering, in\nated the allegation that a number of regional office     connection with an ongoing SEC enforcement\nstaff members socialized with the former SEC attor\xc2\xad      action involving a fraud scheme. The complain\xc2\xad\nney following the Enforcement matter proceeding.         ants alleged that a computer firm recommended\nThe OIG consulted with the SEC Ethics Counsel,           and hired by the prominent law firm had tampered\nwho opined that no specific ethics rules had been        with\tthe\taccused\tfraudster\xe2\x80\x99s\tcomputers,\twhich\thad\t\nviolated but that there may have been an appear\xc2\xad         been seized by the court-appointed receiver in the\nance that the former SEC attorney received               case. In addition, the complainants claimed that\npreferential treatment. However, because several         the regional office staff and officials likely backed\nregional office managers had recused themselves          off from investigating or pursuing the law firm for\nfrom the ongoing matter, the OIG did not recom\xc2\xad          any alleged role in the computer tampering and the\nmend any further action.                                 alleged cover-up of that tampering because of the\n                                                         existing revolving door between the regional office\nThe\tOIG\xe2\x80\x99s\tinvestigation\tuncovered\tone\tincident\tin\t       and the law firm. The complainants also specifically\nwhich a regional office manager disclosed confiden\xc2\xad      asserted that a now-former regional office official\ntial personnel information. In addition, the OIG         had sought employment with this law firm prior\nfound that several staff members expressed concerns      to his departure from the SEC. The complainants\nabout\tthis\tmanager\xe2\x80\x99s\tmanagement\tstyle\tand\tability\t       further alleged that the regional office staff improp\xc2\xad\nto perform his duties. Finally, the OIG found that       erly provided nonpublic information related to this\nevidence of one verbal conflict between support staff    matter to the law firm.\nmembers was insufficient to establish misconduct\nby the staff members. Accordingly, the OIG referred      During its investigation, the OIG obtained and\nthese findings to management for action as deemed        searched the e-mails of 10 current and former SEC\nappropriate.                                             employees for the relevant time period. In addition,\n                                                         the OIG reviewed numerous court pleadings related\nBecause the OIG received numerous complaints             to\tthe\tSEC\xe2\x80\x99s\tenforcement\taction\tand\tthe\talleged\t\nregarding time and attendance matters, the OIG           tampering. The OIG also took the sworn, on-the\xc2\xad\nalso recommended that the regional office promptly       record testimony of six then-current SEC regional\nimplement a previous OIG recommendation, made            office staff members. In addition, the OIG inter\xc2\xad\nin February 22, 2010, that devices to capture build\xc2\xad     viewed the complainants and the court-appointed\ning entry and exit information be installed in the       receiver.\nregional office.\n\n\n\n\n34   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cThe OIG issued its report of investigation on              of the prominent law firm. In addition, the OIG did\nDecember\t5,\t2011.\tThe\tOIG\xe2\x80\x99s\tinvestigation\tdid\tnot\t         not find evidence that a regional office official had\nsubstantiate the allegation that the regional office       leaked information about the tampering investiga\xc2\xad\nofficials and staff had backed off from investigat\xc2\xad        tion to the prominent law firm.\ning the law firm after learning which law firm\nwas involved in the alleged tampering. Rather, the         Overall, the OIG concluded that there was insuf\xc2\xad\nevidence showed the regional office was aware of           ficient evidence to substantiate the allegations that\nthe identity of the law firm involved prior to the first   regional office officials and staff engaged in miscon\xc2\xad\nmeeting with the receiver about the tampering issue.       duct by failing to investigate the alleged computer\nThe OIG did find that there had been significant           tampering and cover-up because of preferential\nmovement (in terms of employment) of attorneys             treatment accorded to the law firm.\nbetween the regional office and the prominent law\nfirm, but the OIG did not substantiate the allegation\nthat the regional office backed off from pursuing          Misuse of Government Resources and Official\nthe prominent law firm for any improper purpose,           Time at Headquarters (Report No. OIG-570)\nincluding currying favor for potential employment          The OIG opened this investigation on Decem\xc2\xad\nopportunities in the future. The OIG investigation         ber 14, 2011, after receiving information that an\nrevealed that the prominent law firm did attempt to        employee was continuing to use SEC resources and\ninfluence the regional office to take certain actions      official time in support of a nonprofit business. The\nto rein in the court-appointed receiver, but that          employee\twas\tthe\tsubject\tof\ta\tprevious\tOIG\tinvesti\xc2\xad\nthe regional office staff took none of the requested       gation in which similar misconduct was confirmed.\nactions.                                                   The prior investigation concluded that for several\n                                                           years the employee had used substantial Commis\xc2\xad\nMoreover, the OIG investigation did not substanti\xc2\xad         sion resources and official duty hours to support a\nate the allegation that a now former regional office       nonprofit business. The previous investigation also\nofficial had sought employment from the prominent          found that although the employee had been repeat\xc2\xad\nlaw firm while he was still employed with the SEC.         edly admonished by her supervisors to stop doing\nSpecifically, the investigation did not find evidence      so, the employee continued to operate the busi\xc2\xad\nsuggesting that the former official had expressed          ness during official duty hours using government\nany interest in working for the prominent law firm,        resources.\nor that his actions in the enforcement matter were\ndesigned to assist him in obtaining employment             Accordingly, in the prior investigation, the OIG\nat the prominent law firm or at a different law            found that the employee had violated SEC and exec\xc2\xad\nfirm where he was ultimately employed. The OIG             utive branch policies regarding appropriate use of\ninvestigation also found that the regional office          SEC office equipment and information technology\nmade\tonly\tminimal\tefforts\tto\tassist\tin\tthe\treceiver\xe2\x80\x99s\t     resources. On December 17, 2009, the OIG issued\ninvestigation of the alleged computer tampering and        its report of investigation to management, recom\xc2\xad\nrelated cover-up, and that the regional office did         mending\tthat\tthe\temployee\tbe\tsubject\tto\tdisciplinary\t\nnot take certain actions that it had agreed to take or     action, up to and including dismissal from federal\ncould have taken to assist the tampering investiga\xc2\xad        service. On April 26, 2010, SEC management\ntion. However, the OIG did not find sufficient evi\xc2\xad        suspended the employee for 30 calendar days and\ndence\tto\testablish\tthat\tthe\tregional\toffice\xe2\x80\x99s\tdecisions\t   informed\tthe\temployee\tthat\tshe\tcould\tbe\tsubject\t\nregarding the level of assistance it should provide to     to removal from federal service if she repeated the\nthe receiver were related to the alleged involvement       misconduct.\n\n\n\n\n                                                           OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                   |   35\n\x0cDuring the current investigation, the OIG con\xc2\xad           signing their timesheets and telling them the hours\nducted a keyword search of over 60,000 of the            they had to work, and that the contractor employ\xc2\xad\nemployee\xe2\x80\x99s\te-mails\tfor\tan\t8-month\tperiod.\tAddi\xc2\xad          ees had to notify SEC officials by e-mail whenever\ntionally, the OIG reviewed the results of a search       they did not report to work.\nperformed\tby\tOIT\tof\tthe\temployee\xe2\x80\x99s\tSEC\tcomputer\t\nhard drive using specific search terms related to        During the investigation, the OIG obtained and\nher nonprofit business. The OIG also obtained the        searched over 180,000 e-mails of 11 current or for\xc2\xad\nemployee\xe2\x80\x99s\ttime\tand\tattendance\trecords\tfor\t2011\t         mer SEC employees and contractors. The OIG also\nand\tthe\temployee\xe2\x80\x99s\tSEC\tcybersecurity\tand\tprivacy\t        took the sworn testimony of 8 current SEC employ\xc2\xad\ntraining certifications for 2010 and 2011. Finally,      ees and interviewed one current SEC employee. In\nthe OIG contacted the employee multiple times via        addition, the OIG obtained and reviewed docu\xc2\xad\ne-mail and telephone to request that she contact the     ments\trelated\tto\tthe\tcontract\tthat\twas\tthe\tsubject\tof\t\nOIG to schedule her testimony, but the employee          these allegations.\nnever\tresponded\tto\tthese\trequests.\tThe\tOIG\xe2\x80\x99s\treview\t\nof\tthe\temployee\xe2\x80\x99s\te-mails\tand\thard\tdrive\tconfirmed\t      The OIG investigation found evidence that the SEC\nthat she had continued to misuse Commission              contract at issue was administered as a personal\nresources and had used official duty hours to oper\xc2\xad      services contract, in violation of the FAR. The OIG\nate her nonprofit business.                              found\tevidence\tthat\tthe\tcontractor\xe2\x80\x99s\temployees\t\n                                                         were\tsubject\tto\trelatively\tcontinuous\tsupervision\t\nOn January 13, 2012, the OIG issued its report of        and control by SEC employees in almost all aspects\ninvestigation in this matter and recommended that        of their work. Specifically, the OIG found evidence\nSEC management discipline the employee, up to            that these contractor employees (1) performed work\nand including dismissal from federal service. On         on site at SEC offices; (2) performed their work\nMarch 21, 2012, the SEC entered into a settlement        with tools and equipment furnished by the SEC;\nagreement with the employee, pursuant to which           (3) performed services to directly support the\nshe voluntarily retired from federal service.            integral effort of the assigned functions of the SEC;\n                                                         (4) provided the same or extremely similar services\n                                                         as those provided contemporaneously by SEC\nAllegation of Improper Personal Services                 employees and those that had been provided by\nContract (Report No. OIG-569)                            SEC employees whom the contractor employees\nOn June 15, 2011, the OIG opened an investigation        essentially replaced; (5) provided general support\ninto allegations made in an anonymous complaint          services of a long-term duration, as opposed to\nthat\tthe\tSEC\xe2\x80\x99s\tcontract\twith\ta\ttechnology\tfirm\twas\t      services\trelated\tto\ta\tshort-term,\tdiscrete\tproject;\tand\t\na personal services contract in violation of the FAR.    (6) provided services that reasonably required direct\nSpecifically, the anonymous complaint alleged that       or indirect government direction or supervision.\nSEC officials screened all of the federal contractor\nprospective\temployees\xe2\x80\x99\tresumes,\tnotified\tthe\tfederal\t    The\tOIG\xe2\x80\x99s\tconclusions\twere\tfurther\tsupported\tby\t\ncontractor of which candidates they wanted to            evidence that these contractor employees performed\ninterview, and interviewed all of the federal contrac\xc2\xad   work that was principally assigned and reviewed by\ntor employees before they were hired.                    SEC employees, were interviewed and selected by\n                                                         SEC employees, worked on schedules set by SEC\nThe complaint further alleged that SEC officials act\xc2\xad    employees, and sought approval from SEC employ\xc2\xad\ned as supervisors of these contractor employees, and     ees to take leave. The OIG issued its report of inves\xc2\xad\nthat government officials acted as their employer by     tigation on March 29, 2012, and recommended that\n\n\n\n\n36   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cOFM, in consultation with OGC, request a formal         viduals with knowledge of the facts and circum\xc2\xad\nopinion from the Comptroller General of the United      stances surrounding the allegation.\nStates as to whether the Commission violated the\nAntideficiency Act, which prohibits agencies from       In a report of investigation dated November 10,\nemploying personal services unauthorized by law.        2011, the OIG found no evidence to support the\nAs\tof\tthe\tend\tof\tthis\treporting\tperiod,\tthe\tOIG\xe2\x80\x99s\t      allegations that the assessment procured through the\nrecommendation was pending.                             contract was unnecessary. However, the OIG did\n                                                        find that the solicitation was modified twice at the\nThe OIG investigation also found evidence that SEC      request of the firm that was awarded the contract\nemployees exhibited an apparent lack of under\xc2\xad          and that the effect of these modifications was to\nstanding of what constitutes a personal services        lower the requisite qualifications for potential bid\xc2\xad\ncontract. In addition, the OIG learned that although    ders and to eliminate certain restrictions. Accord\xc2\xad\nthe\tcontract\tthat\twas\tthe\tsubject\tof\tthe\tallegations\t   ingly, the OIG referred its findings to management\nhad ended, some of the contractor employees who         for informational purposes.\nworked on that contract might now be performing\nthe same services at the SEC under other contracts,\ngiving rise to a concern that current SEC contracts     Alleged Acceptance of Free or Discounted Legal\nare also being administered as personal services con\xc2\xad   Services From a Prohibited Source (PI 11-25)\ntracts in violation of the FAR. Accordingly, the OIG    On March 14, 2011, the OIG opened a preliminary\nOffice of Investigations has referred this concern to   inquiry\tinto\tan\tanonymous\tcomplainant\xe2\x80\x99s\tallega\xc2\xad\nthe OIG Office of Audits, which plans to conduct        tions that an SEC manager inappropriately accepted\nan audit to determine whether improper personal         free or discounted legal services from a law firm\nservices contracts exist more broadly at the Com\xc2\xad       partner. The complainant alleged that the SEC man\xc2\xad\nmission.                                                ager had recommended the partner for appointment\n                                                        as a receiver in an SEC enforcement matter less than\n                                                        a month prior to the provision of the legal services,\nAllegation of Procurement Violations                    and that the partner provided the free or discounted\n(Report No. OIG-556)                                    service to the manager in gratitude for the appoint\xc2\xad\nDuring the reporting period, the OIG completed its      ment and with the expectation of obtaining similar\ninvestigation into an anonymous complaint alleging      appointments in the future. The complaint further\nthat the SEC awarded a contract for an unnecessary      alleged\tthat\tthe\tSEC\tmanager\xe2\x80\x99s\tacceptance\tof\tfree\t\nassessment to a firm that the OIG previously found      or discounted services from the law firm partner\nhad improperly conveyed material benefits to SEC        created a serious appearance of impropriety. As\nemployees.                                              part of its inquiry, the OIG also looked into the law\n                                                        firm\tpartner\xe2\x80\x99s\tappointment\tas\treceiver\tto\tdetermine\t\nDuring its investigation, the OIG obtained and          whether there was evidence of impropriety by the\nreviewed over 30,000 e-mails of eight current and       SEC manager or anyone else at the SEC.\nformer SEC employees and contractors. The OIG\nalso reviewed evidence provided by headquarters         During its preliminary inquiry, the OIG obtained\noffices and various witnesses related to the pro\xc2\xad       and searched over one million e-mails and took the\ncurement of the assessment. The evidence included       sworn testimony of the SEC manager and another\nvendor proposals, requisition requests, and vendor      SEC employee. Additionally, the OIG interviewed\nevaluation documentation. In addition, the OIG          the SEC Ethics Counsel by telephone.\ntook sworn, on-the-record testimony of three indi\xc2\xad\n\n\n\n\n                                                        OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                 |   37\n\x0cOn February 17, 2012, the OIG issued its memo\xc2\xad           addition, the OIG interviewed staff from OHR and\nrandum report in this matter. The OIG found              the\tU.S.\tOffice\tof\tPersonnel\tManagement\t(OPM)\t\nthat the law firm partner had provided free legal        to obtain information about hiring regulations and\nservices on behalf of the SEC manager and that this      the\tCommission\xe2\x80\x99s\thiring\tauthority.\tThe\tOIG\talso\t\nconstituted a gift from a prohibited source under        contacted the SEC Ethics Office during its inquiry\nthe relevant ethics rules. However, the OIG found        regarding ethical considerations in the hiring process.\ninsufficient evidence to substantiate the allegations    The OIG took sworn, on-the-record testimony of\nthat the service was provided in gratitude for the       the\tsubject.\t\nreceivership appointment and with the expectation\nof obtaining similar appointments in the future. The     The OIG identified a number of circumstances sur\xc2\xad\nOIG also found no evidence that anything improper        rounding the hiring in question that appear to have\noccurred\twith\trespect\tto\tthe\tpartner\xe2\x80\x99s\tappointment\t      violated federal hiring regulations and merit system\nas receiver.                                             principles. Specifically, the OIG found that the hiring\n                                                         supervisor provided substantial assistance to the\nRegarding the acceptance of the free legal services,     applicant during the application process, including\nthe SEC Ethics Counsel opined that there was suf\xc2\xad        giving advance notice of the posting and advice on\nficient evidence of a personal friendship between the    information\tto\tinclude\tin\tthe\tcandidate\xe2\x80\x99s\tapplication.\t\nlaw firm partner and the SEC manager to fall within      In addition, before the relevant vacancy announce\xc2\xad\nan exception to the ethics rules and, therefore, there   ment\tclosed,\tthe\tsubject\tmade\tseveral\tremarks\t\nwas no direct violation of those rules. However, the     indicating that the applicant would be selected for\nEthics Counsel acknowledged that the acceptance          the\tposition.\tFurther,\tthe\tsubject\tdid\tnot\tinterview\t\nof the free legal services created an appearance of      any other qualified candidates.\nimpropriety because the law firm partner was a pro\xc2\xad\nhibited source. Accordingly, the OIG did not find a      The OIG issued a memorandum report to manage\xc2\xad\nbasis for recommending disciplinary action against       ment on January 12, 2012, describing the results of\nthe manager. However, the OIG recommended that           the inquiry and recommending that OHR provide\nthe Ethics Office counsel the manager on how to          training to managers on federal hiring regulations\nproperly address appearance issues in the future.        and determine whether any corrective action should\nThe Ethics Office counseled the manager prior to         be taken with respect to those candidates that\nthe end of the reporting period.                         applied but were not considered for the position. At\n                                                         the end of the reporting period, SEC management\n                                                         action\ton\tthe\tOIG\xe2\x80\x99s\trecommendations\twas\tpending.\t\nProhibited Personnel Practices in Hiring of              The OIG also referred the results of this inquiry to\nHeadquarters Employee (PI 10-07)                         the U.S. Office of Special Counsel, which has the\nThe OIG conducted an inquiry into an anony\xc2\xad              authority to investigate and, where appropriate,\nmous complaint alleging that an SEC headquarters         prosecute claims of prohibited personnel practices.\nsupervisor violated federal hiring regulations when\nthe supervisor hired the relative of a former SEC\nmanager. During its inquiry, the OIG reviewed hir\xc2\xad       Prohibited Personnel Practices in\ning documentation, including the relevant vacancy        Hiring of Senior Officer (PI 10-43)\nannouncement and candidate list. The OIG also            The OIG conducted an inquiry into an anonymous\nobtained and reviewed e-mails of the supervisor who      complaint alleging that an SEC senior officer in\nwas\tthe\tsubject\tof\tthe\tinvestigation,\tthe\tsubject\xe2\x80\x99s\t     headquarters was preselected for his or her position\nsupervisor,\tand\tthe\temployee\thired\tby\tthe\tsubject.\tIn\t   in\tviolation\tof\tfederal\tlaw\tand\tthe\tSEC\xe2\x80\x99s\tinternal\t\n\n\n\n\n38   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cmerit promotion plan. The complaint further              SEC management instituted new standard operating\nalleged that the vacancy announcement for this           procedures and scheduled the first audit under the\nposition was specifically tailored for the desired       new procedures. At the end of the reporting period,\ncandidate and that the candidate was selected            SEC\tmanagement\xe2\x80\x99s\tresponse\tto\tthe\tother\trecom\xc2\xad\nwithout being interviewed. In conducting its inquiry,    mendations was pending. The OIG also referred the\nthe OIG reviewed hiring documentation, including         results of this inquiry to the U.S. Office of Special\nthe relevant vacancy announcement and candidate          Counsel, which has the authority to investigate and,\nlist. The OIG also obtained and reviewed e-mails of      where appropriate, prosecute claims of prohibited\nthe selecting official and an OHR staff member who       personnel practices.\nassisted in preparing the relevant posting. In addi\xc2\xad\ntion,\tthe\tOIG\tinterviewed\tstaff\tfrom\tOPM\tto\tobtain\t\ninformation about hiring regulations. The OIG also       Violation of the Antideficiency Act\ntook sworn, on-the-record testimony of the selecting     Resulting from the Hiring of a Non-U.S.\nofficial and an OHR staff member familiar with the       Citizen (PI 11-45)\nSEC\xe2\x80\x99s\tmerit\tpromotion\tplan.\t                             The OIG opened this inquiry in July 2011 after\n                                                         receiving information from a headquarters\nThe\tOIG\xe2\x80\x99s\tinquiry\tidentified\ta\tnumber\tof\tcircum\xc2\xad         employee that an Antideficiency Act violation had\nstances surrounding the hiring of the senior offi\xc2\xad       occurred when an SEC division hired a non-U.S.\ncer that appear to substantiate the complaint of         citizen. The Office of General Counsel also asked\nimproper preselection. Specifically, the OIG found       the OIG to review the circumstances surrounding\nthat the decision to hire the senior officer was made    this hiring and to provide information to assist\nbefore the vacancy announcement was closed and,          in determining the party who should be named\ntherefore, before the list of eligible candidates had    responsible for the Antideficiency Act violation.\nbeen generated. The hiring of the senior officer         In conducting its inquiry, the OIG obtained and\nwas announced on the same day that the list of           reviewed more than 800,000 e-mails of various\neligible candidates was generated and, as a result,      SEC staff members from the SEC division that\ncandidates other than the senior officer were not        hired the non-U.S. citizen, as well as OHR staff\ngiven consideration for the position. The OIG also       familiar with the hiring. The OIG also took sworn,\nfound that the selecting official did not contact or     on-the-record testimony of six employees who were\ninterview any candidates. However, the OIG found         involved in hiring the non-U.S. citizen. In addition,\nno specific evidence that the vacancy announcement       the\tOIG\treviewed\tthis\temployee\xe2\x80\x99s\tpersonnel\tfile\tand\t\nwas tailored to benefit the senior officer.              documents\trelated\tto\tthe\temployee\xe2\x80\x99s\tselection.\t\n\nThe OIG issued a memorandum report to manage\xc2\xad            The\tOIG\xe2\x80\x99s\tinquiry\tfound\tthat\tthe\tSEC\thad\tunlaw\xc2\xad\nment on December 7, 2011, describing the results of      fully hired a non-U.S. citizen in violation of the\nthe inquiry and recommending that management             Antideficiency Act, which prohibits the use of\n(1) provide training to staff to ensure hiring is        government funds exceeding an amount available\nexecuted in accordance with the merit system princi\xc2\xad     in an appropriation. A longstanding exemption in\nples, (2) finalize and issue a revised merit promotion   appropriations acts that allowed the hiring of non-\nplan\tand\tpost\tit\ton\tthe\tSEC\xe2\x80\x99s\tintranet,\t(3)\tinstitute\t   U.S.\tcitizens\tfrom\tcertain\t\xe2\x80\x9callied\tcountries\xe2\x80\x9d\twas\t\nprocedures\tto\tensure\tthe\tmerit\tpromotion\tplan\xe2\x80\x99s\t         removed by the 2010 Appropriations Act, which\ndocumentation requirements are followed, and             was enacted in December 2009. The OIG found\n(4) consider whether corrective action should be         that this change had not been adequately commu\xc2\xad\ntaken.\tIn\tresponse\tto\tthe\tOIG\xe2\x80\x99s\trecommendations,\t        nicated to SEC staff involved in the hiring process.\n\n\n\n\n                                                         OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                  |   39\n\x0cThe\tOIG\xe2\x80\x99s\tinquiry\talso\tfound\tthat\tSEC\tstaff\twere\t       of two securities accounts that the spouse had kept\nprovided inaccurate guidance regarding the permis\xc2\xad      secret from the SEC employee for several years.\nsibility of hiring non-U.S. citizens. Although the      According to the SEC Ethics Counsel, this disclosure\nnon-U.S.\tcitizen\xe2\x80\x99s\temployment\twas\tterminated\tafter\t     had arisen because the SEC employee was required\nSEC staff became aware of the violation, the Com\xc2\xad       to confirm all of his or her reportable holdings in\nmission employed this person for approximately 10       the\tSEC\xe2\x80\x99s\tinternal\treporting\tsystem.\t\nmonths, in violation of the Antideficiency Act.\n                                                        The OIG obtained and searched of over 600,000\nThe OIG issued a memorandum report to manage\xc2\xad           e-mails and took the sworn testimony of the SEC\nment on October 25, 2011, describing the results        employee. Additionally, the OIG interviewed both\nof the inquiry and recommending that management         the\tSEC\xe2\x80\x99s\tcurrent\tand\tformer\tEthics\tCounsels.\tThe\t\nprovide guidance on hiring limitations to all staff     OIG also reviewed materials necessary to determine\ninvolved in the hiring process, institute proce\xc2\xad        whether the SEC employee violated any SEC rules,\ndures to ensure that all relevant staff are notified    regulations, and policies, or federal laws, includ\xc2\xad\nof changes in hiring authority in a timely manner,      ing several hundred pages of account statements\nand finalize and issue a policy regarding the hir\xc2\xad      and related brokerage information; internal SEC\ning\tof\tnon-U.S.\tcitizens.\tIn\tresponse\tto\tthe\tOIG\xe2\x80\x99s\t     investigative and securities holdings databases; and\nrecommendations, SEC management designated              information provided by the Ethics Office. Finally,\nstaff responsible for regularly reporting on changes    the OIG sought the voluntary testimony of the\nto hiring regulations. At the end of the reporting      employee\xe2\x80\x99s\tspouse,\twho\tdeclined\tto\ttestify\tduring\t\nperiod,\tSEC\tmanagement\xe2\x80\x99s\tresponse\tto\tthe\tOIG\xe2\x80\x99s\t         the\tOIG\xe2\x80\x99s\tinquiry.\t\nremaining recommendations was still pending. The\nOIG also referred the results of this inquiry to the    On March 15, 2012, the OIG issued its memo\xc2\xad\nOffice of the General Counsel for use in determin\xc2\xad      randum report in this matter. The OIG found that\ning the officer(s) or employee(s) responsible for the   the\tSEC\temployee\tfailed\tto\ttimely\tfile\tthe\tspouse\xe2\x80\x99s\t\nAntideficiency Act violation.                           securities holdings in certain accounts as required\n                                                        by SEC regulations. However, the OIG also found\n                                                        that once the SEC employee became aware that\nPossible Violations of Ethical Standards and            the spouse had unreported managed accounts,\nConflict of Interest Statute (PI 11-26)                 secretly\tkept\twithout\tthe\temployee\xe2\x80\x99s\tknowledge,\t\nOn March 28, 2011, after being contacted by the         the\temployee\tcontacted\tthe\tSEC\xe2\x80\x99s\tEthics\tCounsel\tat\t\nSEC Ethics Counsel, the OIG opened a preliminary        that time and arranged for him to advise the spouse\ninquiry into allegations that an SEC employee failed    directly on the best course of action to be taken.\nto\ttimely\treport\ta\tspouse\xe2\x80\x99s\tsecurities\tholdings,\tin\t    The former Ethics Counsel told the OIG under\npossible\tviolation\tof\tRule\t4401.102\tof\tthe\tSEC\xe2\x80\x99s\t       oath that he advised both parties that the employee\nSupplemental Standards of Ethical Conduct. The          should not change any reporting at that time due to\nSEC Ethics Counsel also expressed concerns that the     anticipated changes in the ethics rules, and the OIG\nSEC employee might have investigated one or more        found that they reasonably relied on his advice. The\ncompanies in which the employee had a financial         OIG found further that the employee took affirma\xc2\xad\ninterest\tdue\tto\tthe\tspouse\xe2\x80\x99s\tsecurities\tholdings,\t      tive steps to report and to remedy the situation by\npossibly in violation of a federal conflict of inter\xc2\xad   having the spouse meet more recently with the cur\xc2\xad\nest statute. The OIG was further informed that the      rent Ethics Counsel.\nemployee\xe2\x80\x99s\tspouse\thad\tacknowledged\tthe\texistence\t\n\n\n\n\n40   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cIn addition, the OIG did not find that the SEC           contract shortly after its award. The OIG also did\nemployee\xe2\x80\x99s\tconduct\tviolated\ta\tfederal\tconflict-of-       not find any evidence that the SEC official refer\xc2\xad\ninterest statute. Finally, the OIG obtained evidence     enced in the complaint had any inappropriate intent\nthat the SEC employee had a consistent history of        to award the contract to a friend or to increase the\nconscientiously seeking ethics advice and testified      size of the contract after its award.\ncredibly before the OIG about the events that trans\xc2\xad\npired. Accordingly, the OIG did not find a basis for\nrecommending disciplinary action in this matter and      Alleged Failure to Pursue Insider Trading\nreferred its report to management for informational      Investigation at Headquarters (PI 11-10)\npurposes.                                                On December 15, 2010, the OIG opened an inquiry\n                                                         after being contacted by the staff of a U.S. Senator\n                                                         regarding a press report of an FBI investigation of\nAlleged Improper Award of Sole-Source                    alleged insider trading by third-party consultants for\nContract (PI 11-39)                                      expert network firms, i.e., Wall Street matchmakers\nThe OIG conducted an inquiry into an anonymous           that connect large investors with outside experts.\ncomplaint regarding a contract that the SEC entered      The\tSenator\xe2\x80\x99s\tstaff\trequested\tthat\tthe\tOIG\tinves\xc2\xad\ninto in May 2011. The complaint alleged that the         tigate why no SEC enforcement action had been\ncontract award was inappropriate because it was          brought in response to a 2005 referral made by the\na\tsole-source\taward\tto\ta\tfriend\tof\tan\tSEC\tofficial\xe2\x80\x99s\t    Senator to the SEC regarding allegations of insider\nwife,\tmade\twithout\tthe\tappropriate\tjustification\t        trading by expert network firms outlined in a 2005\nrequired under the applicable regulations. The com\xc2\xad      newspaper\tarticle.\tThe\tSenator\xe2\x80\x99s\tstaff\talso\tasked\t\nplaint further alleged that the SEC official requested   whether the 2010 FBI investigation could have been\nthat the size of the contract be doubled after it was    initiated several years earlier if the SEC had pursued\nawarded.                                                 the\tSenator\xe2\x80\x99s\t2005\treferral.\t\n\nThe OIG obtained and reviewed a copy of the              The OIG conducted an inquiry into this matter and\ncontract file from the Office of Acquisitions and        issued its memorandum report on March 15, 2012.\nobtained and reviewed e-mails of four current SEC        The OIG inquiry found that the SEC promptly initi\xc2\xad\nemployees with knowledge of the relevant facts. The      ated its investigation into the allegations outlined in\nOIG also interviewed four current and former SEC         a 2005 newspaper article that the Senator had pro\xc2\xad\npersonnel and took sworn testimony of the SEC            vided to the SEC. Specifically, the inquiry revealed\nofficial referenced in the anonymous complaint.          that the SEC had opened a matter under inquiry into\n                                                         the allegations the day after the Senator had referred\nOn March 15, 2012, the OIG issued its memo\xc2\xad              the article to the SEC.\nrandum report. The OIG found that the evidence\ndid\tnot\tsubstantiate\tthe\tcomplaint\xe2\x80\x99s\tallegations\t        The OIG inquiry further found that the SEC made\nregarding the contract award because the contract        efforts\tto\tkeep\tthe\tSenator\xe2\x80\x99s\tstaff\tapprised\tof\tthe\t\nappeared to comply with the applicable provisions        ongoing SEC investigation. The OIG inquiry\nof the FAR governing the award of sole-source con\xc2\xad       revealed that the SEC conducted an extensive investi\xc2\xad\ntracts to contractors in the Small Business Adminis\xc2\xad     gation into the allegations raised in 2005, as well as\ntration\xe2\x80\x99s\t8(a)\tProgram\tfor\tsmall\tand\tdisadvantaged\t      a broader analysis of the links between the pharma\xc2\xad\nbusinesses. Further, the OIG found that the evidence     ceutical industry and Wall Street research analysts\ndid\tnot\tsubstantiate\tthe\tcomplaint\xe2\x80\x99s\tclaims\tregard\xc2\xad      from August 2005 through 2006. The OIG inquiry\ning the alleged attempt to double the size of the        established that the SEC made many document\n\n\n\n\n                                                         OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                   |   41\n\x0crequests and conducted interviews. At the outset of       duty to impartially perform his procurement duties.\nthe investigation, the SEC sent document requests to      As a part of its inquiry, the OIG also examined\nfive brokerage firms identified by the 2005 news\xc2\xad         whether the branch chief improperly induced a\npaper article as having received information from         social invitation from this contractor and whether\na clinical researcher. In addition, the SEC requested     the branch chief accepted a gift from the contractor\ndocuments and information from the two largest            that was prohibited, either because the contractor\nconsulting matchmakers. Moreover, the SEC con\xc2\xad            was\tthe\tbranch\tchief\xe2\x80\x99s\tsubordinate\tor\twas\ta\tpro\xc2\xad\ntacted nine pharmaceutical companies with drugs           hibited source as defined by applicable ethics rules.\ninvolved in clinical trials that the 2005 newspaper       Further, the OIG considered whether the branch\narticle had identified as being of significant inter\xc2\xad     chief\xe2\x80\x99s\tconduct\tcreated\tan\timproper\tappearance.\t\nest to Wall Street, interviewed individuals at each       Finally,\tthe\tOIG\treviewed\tthe\tcomplaint\xe2\x80\x99s\tclaim\tthat\t\ncompany knowledgeable about the clinical trials,          the branch chief improperly disclosed nonpublic\nand conducted significant investigative work into         information about future SEC contracts to employ\xc2\xad\nhow information about these clinical trials reached       ees of companies that were bidding for or had exist\xc2\xad\nthe marketplace.                                          ing SEC contracts.\n\nThe OIG found that the SEC received massive               The OIG took the sworn, on-the-record testimony\namounts of data, which the staff reviewed and             of four SEC employees or contractors. The OIG\nanalyzed.\tWhile\tthe\tSEC\xe2\x80\x99s\tinvestigation\tuncovered\t        also consulted with an Assistant Ethics Counsel, the\ncommunications between clinical researchers and           Ethics Counsel, and a contracting officer. Addition\xc2\xad\nWall Street professionals, none of the communica\xc2\xad         ally, the OIG obtained from the contracting officer a\ntions identified by the investigation appear to have      report with detailed information about the relevant\nconveyed information that was both material and           contracts, the winning quotes for one SEC solici\xc2\xad\nnonpublic.\tIn\taddition,\tthe\tSEC\xe2\x80\x99s\tinvestigation\tdid\t      tation, and the notifications sent to unsuccessful\nnot uncover any potential illegal trading activity.       bidders for this solicitation. The OIG also obtained\nDespite its extensive investigation into these matters,   and searched approximately 77,000 e-mails during\nthe SEC did not find evidence supporting a violation      its inquiry.\nof the federal securities laws.\n                                                          On March 27, 2012, the OIG issued its memoran\xc2\xad\nFinally, the OIG inquiry revealed that the 2010 FBI       dum report in this matter. The OIG did not find\ninvestigation into alleged insider trading by third-      sufficient evidence to substantiate the allegation\nparty consultants for expert network firms, which         that\tthe\tbranch\tchief\xe2\x80\x99s\tlimited\tsocialization\twith\t\nwas\treferenced\tby\tthe\tSenator\xe2\x80\x99s\tstaff,\tdid\tnot\tinvolve\t   the\tcontractor\tnegatively\taffected\tthe\tbranch\tchief\xe2\x80\x99s\t\nthe\tsubject\tmatter\tof\tthe\tSEC\xe2\x80\x99s\t2005\tinvestigation.       impartial performance of official contract procure\xc2\xad\n                                                          ment duties. The OIG did find, however, that the\n                                                          branch\tchief\xe2\x80\x99s\tactions\tin\tinducing\tthe\tcontractor\tto\t\nAlleged Conflict of Interest, Improper Induce\xc2\xad            give a social invitation led to the improper appear\xc2\xad\nment and Acceptance of a Gift, and Other                  ance that the branch chief used his SEC position to\nEthics Violations (PI 11-53)                              obtain the invitation. The OIG also concluded that\nThe OIG opened an inquiry after receiving an anon\xc2\xad        the branch chief received a de minimis gift from the\nymous\tcomplaint\tthrough\tthe\tOIG\xe2\x80\x99s\tSEC\tEmployee\t           contractor, who was a prohibited source under the\nSuggestion\tProgram\talleging\tthat\ta\tbranch\tchief\t          gift rules. Nonetheless, the OIG found that cor\xc2\xad\nengaged in social activities with a contractor, creat\xc2\xad    rective action taken by the branch chief and SEC\ning a conflict of interest that impeded his ethical       management was sufficient to remedy any violations\n\n\n\n\n42   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cof the gift and appearance rules. Finally, the OIG       March 31, 2010, the OIG uncovered evidence that\nfound no evidence to substantiate the allegation that    the former official, who played a significant role in\nthe branch chief improperly disclosed nonpublic          multiple decisions over several years that quashed\ninformation to vendors about future SEC contracts.       investigations of Stanford, sought to represent\n                                                         Stanford on three separate occasions after he left the\nAccordingly, the OIG did not find a basis for recom\xc2\xad     SEC to enter private practice. The evidence obtained\nmending disciplinary action against the branch           by the OIG also showed that the former SEC official\nchief, but did recommend that the Ethics Office          actually represented Stanford for a brief period in\nprovide counseling to the branch chief on how to         2006 and communicated with an SEC attorney\nproperly deal with appearance and gift acceptance        about the matter before the SEC Ethics Office\nissues in the future. The SEC Ethics Office provided     informed the former official that it was improper for\ncounseling to the branch chief in accordance with        him to represent Stanford. Subsequent to the issu\xc2\xad\nthe\tOIG\xe2\x80\x99s\trecommendation\tprior\tto\tthe\tend\tof\tthe\t        ance of its report of investigation, the OIG provided\nreporting period.                                        its full cooperation to DOJ in support of the efforts\n                                                         that resulted in this settlement.\n\nCIVIL SETTLEMENT AND GUILTY PLEA                         The full press release discussing the settlement can\nARISING OUT OF OIG INVESTIGATIONS                        be found at http://www.sec-oig.gov/Reports/Other/\n                                                         SEC_OIG_PressRelease_1_13.pdf.\nSettlement With Department of Justice for\nViolation of Federal Conflict of Interest Statute\nOn January 13, 2012, the United States Attorney          Guilty Plea to Felony Fraud\nfor the Eastern District of Texas announced a civil      On March 24, 2012, a former SEC employee pled\nsettlement reached with the former SEC official in       guilty in District of Columbia Superior Court to\ncharge\tof\tthe\tEnforcement\tprogram\tat\tthe\tSEC\xe2\x80\x99s\t          one count of first degree felony fraud. The guilty\nFort Worth Regional Office from 1998 through             plea arose out of an investigation that was conducted\n2005. The agreement alleged that the former              jointly\tby\tthe\tSEC\tOIG,\tthe\tDistrict\tof\tColumbia\tOIG,\t\nofficial violated 18 U.S.C. \xc2\xa7 207, the federal statute   and\tthe\tU.S.\tOffice\tof\tPersonnel\tManagement\tOIG.\t\nprohibiting a former government official from\nmaking a communication or appearance before              The\tevidence\tobtained\tduring\tthe\tjoint\tinvestiga\xc2\xad\na federal agency concerning a particular matter          tion showed that throughout a five-year period the\nin which the official participated personally and        former employee had repeatedly submitted false\nsubstantially while serving the government. As part      income information to various District of Columbia\nof this agreement, the former official agreed to pay     agencies in order to obtain benefits to which the\na $50,000 civil fine, the maximum fine for violating     former employee was not entitled. As a consequence\nthis statute.                                            of these false statements, the former employee\n                                                         fraudulently obtained benefits worth approximately\nThe settlement with the former official arose from       $30,000 from District of Columbia benefit pro\xc2\xad\nfacts uncovered during an OIG investigation into         grams over this five-year period. The investigation\nthe\tSEC\xe2\x80\x99s\tfailure\tto\tbring\tan\tenforcement\taction\t        also revealed that the employee had submitted\nagainst Robert Allen Stanford or his companies           numerous false claims to the federal flexible spend\xc2\xad\n(Stanford) for several years after receipt of numer\xc2\xad     ing account program. Sentencing in the matter was\nous\tcomplaints\tthat\tStanford\twas\toperating\ta\tPonzi\t      scheduled for April 2012.\nscheme. In the report of investigation issued on\n\n\n\n\n                                                         OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                  |   43\n\x0cPENDING INVESTIGATIONS                                favoritism in hiring and retaliation, conflict of inter\xc2\xad\nAs of March 31, 2012, the OIG had ten pending         est, misuse of government resources to falsify docu\xc2\xad\ninvestigations. These included investigations into    ments, waste and mismanagement, and computer\nallegations of privacy violations related to an SEC   security violations. The OIG also had 58 pending\ncontract, assault and building security violations,   inquiries at the end of the reporting period.\n\n\n\n\n44   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cReview of Legislation and Regulations\n\n\n\nD\n         uring the semiannual reporting period, the          20, 2011) (to be codified at 17 C.F.R. parts 229\n         OIG reviewed legislation and proposed               and 230)\n         and final rules and regulations relating to    \xe2\x80\xa2\t   Reporting\tof\tSecurity-Based\tSwap\tTransaction\t\nthe programs and operations of the SEC, pursuant             Data, 75 Fed. Reg. 64643 (interim final tempo\xc2\xad\nto section 4(a)(2) of the Inspector General Act, as          rary rule, October 13, 2010) (to be codified at\namended.                                                     17 C.F.R. part 240)\n                                                        \xe2\x80\xa2\t   Regulation\tSBSR\xe2\x80\x94Reporting\tand\tDissemina\xc2\xad\nIn particular, the OIG conducted a follow-up                 tion of Security-Based Swap Information, 75\nreview of the cost-benefit analyses performed by             Fed. Reg. 75208 (proposed November 19,\nthe SEC in connection with rulemaking initiatives            2010) (to be codified at 17 C.F.R. parts 240\nundertaken pursuant to the Dodd-Frank Wall Street            and 242)\nReform\tand\tConsumer\tProtection\tAct\t(Dodd-\nFrank Act) and issued a report on the results of        During the follow-up review, the OIG also exam\xc2\xad\nthis follow-up review on January 27, 2011 (Report       ined, as appropriate, the following six Dodd-Frank\nNo.\t499).\tSpecifically,\tthe\tOIG\xe2\x80\x99s\tfollow-up\treview\t     Act rulemakings, which it had initially assessed dur\xc2\xad\nfocused on the cost-benefit analyses prepared by        ing the prior semiannual reporting period:\nthe SEC for the following five Dodd-Frank Act\nregulatory initiatives:                                 \xe2\x80\xa2\t   Credit\tRisk\tRetention,\t76\tFed.\tReg.\t24090\t\n                                                             (proposed March 31, 2011) (to be codified at\n\xe2\x80\xa2\t   Shareholder\tApproval\tof\tExecutive\tCompensa\xc2\xad             17 C.F.R. part 246)\n     tion\tand\tGolden\tParachute\tCompensation,\t76\t        \xe2\x80\xa2\t   Clearing\tAgency\tStandards\tfor\tOperation\tand\t\n     Fed. Reg. 6010 (January 25, 2011) (to be codi\xc2\xad          Governance, 76 Fed. Reg. 14472 (proposed\n     fied at 17 C.F.R. parts 229, 240, and 249)              March 3, 2011) (to be codified at 17 C.F.R.\n\xe2\x80\xa2\t   Disclosure\tfor\tAsset-Backed\tSecurities\tRequired\t        part 240)\n     by Section 943 of the Dodd-Frank Wall Street       \xe2\x80\xa2\t   Registration\tand\tRegulation\tof\tSecurity-Based\t\n     Reform\tand\tConsumer\tProtection\tAct,\t76\tFed.\t            Swap Execution Facilities, 76 Fed. Reg. 10948\n     Reg. 4489 (January 20, 2011) (to be codified at         (proposed February 2, 2011) (to be codified at\n     17 C.F.R. parts 229, 232, 240, and 249)                 17 C.F.R. parts 240, 242 and 249)\n\xe2\x80\xa2\t   Issuer\tReview\tof\tAssets\tin\tOfferings\tof\tAsset-     \xe2\x80\xa2\t   Reporting\tby\tInvestment\tAdvisers\tto\tPrivate\t\n     Backed Securities, 76 Fed. Reg. 4231 (January           Funds\tand\tCertain\tCommodity\tPool\tOperators\t\n\n\n\n\n                                                        OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                  |   45\n\x0c     and Commodity Trading Advisors on Form              that\tthe\tSEC\xe2\x80\x99s\tadministrative\tregulation\ton\tthe\tuse\t\n     PF,\t76\tFed.\tReg.\t8068\t(proposed\tJanuary\t26,\t        and\tpreparation\tof\tjustifications\tand\tapprovals,\t\n     2011) (to be codified at 17 C.F.R. parts 275        SECR 10-21, \xe2\x80\x9cRestricting Competition for SEC\n     and 279)                                            Acquisitions,\xe2\x80\x9d\thad\tbeen\tremoved\tfrom\tthe\tSEC\xe2\x80\x99s\t\n\xe2\x80\xa2\t   Registration\tof\tMunicipal\tAdvisors,\t76\tFed.\t        intranet site and was under review. In its report, the\n     Reg. 824 (proposed December 20, 2010) (to           OIG\trecommended\tthat\tthe\tSEC\xe2\x80\x99s\tOffice\tof\tAcquisi\xc2\xad\n     be codified at 17 C.F.R. parts 240 and 249)         tions publish comprehensive policies and procedures\n\xe2\x80\xa2\t   Conflict\tMinerals,\t75\tFed.\tReg.\t80948\t(pro\xc2\xad         governing\tthe\tjustification\tand\tapproval\tprocess\tat\t\n     posed December 15, 2010) (to be codified at         the Commission.\n     17 C.F.R. parts 229 and 249)\n                                                         Similarly,\tduring\tthe\tOIG\xe2\x80\x99s\taudit\tof\tthe\tSEC\xe2\x80\x99s\t\nTo assess the adequacy of the cost-benefit or eco\xc2\xad       controls over government-furnished equipment\nnomic analyses performed by the SEC in connection        and contractor-acquired property (Report No. 503,\nwith the aforementioned rulemakings, the OIG             issued March 28, 2012), the OIG reviewed the\nreviewed and analyzed the relevant requirements of       requirements\tof\tFAR\tPart\t45\tconcerning\tgovern\xc2\xad\nthe\tPaperwork\tReduction\tAct,\t44\tU.S.C.\t\xc2\xa7\t3501\tet\t        ment property. The OIG also examined during\nseq.; the Regulatory Flexibility Act, 5 U.S.C. \xc2\xa7 601     this\taudit\tthe\tSEC\xe2\x80\x99s\tadministrative\tregulation\ton\t\net seq.; the National Securities Market Improvement      the\tagency\xe2\x80\x99s\tproperty\tmanagement\tprogram,\tSECR\t\nAct of 1996 (which amended the Securities Act            9-2, and found that it did not address government-\nof 1933, the Securities Exchange Act of 1934, the        furnished property other than by noting that\nInvestment Advisers Act of 1940, and the Invest\xc2\xad         government-furnished property used by a contrac\xc2\xad\nment Company Act of 1940); Executive Order               tor off-site was governed by the FAR. In addition,\n12866,\tRegulatory\tPlanning\tand\tReview,\t58\tFed.\t          the OIG reviewed SECR 9-3 regarding reports of\nReg. 51735, (September 30, 1993); Executive Order        survey for SEC property and found that it did not\n13563, Improving Regulation and Regulatory               discuss which specific SEC property was desig\xc2\xad\nReview, 76 Fed. Reg. 3821 (January 18, 2011); and        nated as government-furnished property. The OIG\nOffice of Management and Budget Circular A-4,            recommended that the Office of Administrative\nRegulatory Analysis (September 17, 2003).                Services,\tin\tconjunction\twith\tthe\tOffice\tof\tInforma\xc2\xad\n                                                         tion Technology, revise both SECR 9-2 and SECR\nThe OIG also reviewed statutes, rules, and regula\xc2\xad       9-3 to clearly define what property is designated as\ntions, and their impact on Commission programs           government-furnished property and to identify the\nand operations, within the context of other reviews,     particular circumstances needed to meet the require\xc2\xad\naudits, and investigations conducted during the          ments\tof\tFAR\tPart\t45.\t\t\nreporting\tperiod.\tFor\texample,\tin\tthe\tOIG\xe2\x80\x99s\taudit\tof\t\nthe\tSEC\xe2\x80\x99s\tuse\tof\tjustifications\tand\tapprovals\tin\tsole-   During an investigation completed during the\nsource contracting (Report No. 507, issued March         reporting period into an allegation of an improper\n28, 2012), the OIG reviewed and analyzed Federal         personal services contract (Report No. OIG-569,\nAcquisition Regulation (FAR) Subpart 6.3, which          issued March 29, 2012), the OIG reviewed and ana\xc2\xad\nprescribes the policies and procedures that must be      lyzed the FAR provision concerning personal service\napplied when contracts are not awarded under full        contracts, 48 C.F.R. \xc2\xa7 37.104, as well as the Anti-\nand open competition. During its audit, the OIG          deficiency Act prohibition on employing personal\nalso\treviewed\tthe\tSEC\xe2\x80\x99s\tinternal\tpolicies\tand\tpro\xc2\xad       services, 31 U.S.C. \xc2\xa7 1342. In another investiga\xc2\xad\ncedures\tpertaining\tto\tjustifications\tand\tapprovals\t      tion completed during the reporting period into an\nfor other than full and open competition and found       allegation involving the destruction of investigative\n\n\n\n\n46   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0crecords by the Division of Enforcement (Report           Finally, in connection with the preparation of the\nNo. OIG-567, issued October 5, 2011), the OIG            Inspector\tGeneral\xe2\x80\x99s\treport\tfor\tfiscal\tyear\t2011\ton\t\nreviewed and analyzed the requirements of various        the\tSEC\xe2\x80\x99s\tcompliance\twith\tthe\tImproper\tPayments\t\npertinent statutes and regulations. In particular, the   Elimination\tand\tRecovery\tAct\tof\t2010\t(IPERA),\t\nOIG examined the regulations promulgated by the          Public\tLaw\t111-204,\tthe\tOIG\treviewed\tand\tanalyzed\t\nNational Archives and Records Administration con\xc2\xad        the\trequirements\tof\tIPERA.\t\tThe\treview\tfocused\t\ncerning the unlawful or accidental removal, defac\xc2\xad       on\tthe\trequirement\tin\tsection\t3\tof\tIPERA\tthat\tthe\t\ning, alteration, or destruction of federal government    inspector general of each agency prepare an annual\nrecords.                                                 report\ton\tthe\tagency\xe2\x80\x99s\tcompliance\twith\tthe\tact.\n\n\n\n\n                                                         OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                |   47\n\x0cmanagement decisions\n\n\n\n STATUS OF RECOMMENDATIONS WITH NO MANAGEMENT DECISIONS\n management decisions have been made on all audit reports issued before the beginning of this\n reporting period.\n\n\n\n REVISED MANAGEMENT DECISIONS\n no management decisions were revised during the period.\n\n\n\n AGREEMENT WITH SIGNIFICANT MANAGEMENT DECISIONS\n the office of inspector general agrees with all significant management decisions regarding audit\n recommendations.\n\n\n\n INSTANCES WHERE INFORMATION WAS REFUSED\n during this reporting period, there were no instances where information was refused.\n\n\n\n\n48   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0ctables\n\n\n\nTable 1. List of Reports: Audits and Evaluations\n\n  audit/evaluation                                    title                                  date issued\n    number\n       499             follow-up review of cost-benefit analyses in selected\n                       sec dodd-frank act rulemakings                                          1/27/12\n       500             assessment of sec\xe2\x80\x99s system and network logs                             3/16/12\n       501             2011 annual fisma executive summary report                              2/02/12\n       503             sec\xe2\x80\x99s controls over government furnished equipment and\n                       contractor acquired property                                            3/28/12\n       507             sec\xe2\x80\x99s use of Justifications and approvals in sole-source\n                       contracting                                                             3/28/12\n\n\n\n\nTable 2. Reports Issued with Costs Questioned or Funds Put to Better Use\n(Including Disallowed Costs)\n                                                                            number of\n                                                                             reports           value\na. reports issued prior to this period for which no management\n   decision had been made on any issue at the commencement\n   of the reporting period                                                        4        $266,773.24\n    for which some decisions had been made on some issues at the\n    commencement of the reporting period                                          1     $556,811,589.00\nb. reports issued during this period                                              0                $0.00\n                                          total of categories a and b             5     $557,078,362.24\n\nc. for which final management decisions were made during this period              5     $557,078,362.24\nd. for which no management decisions were made during this period                 0                $0.00\ne. for which management decisions were made on some issues\n   during this period                                                             0                $0.00\n                                          total of categories c, d, and e         5     $557,078,362.24\n\n\n\n\n                                                        OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                 |   49\n\x0cTable 3. Reports with Recommendations on which Corrective Action has not been Completed\nrecommendations open 180 days or more\n\n       report number         issue date                 summary of recommendations\n          and title\n439\xe2\x80\x94student loan program    3/27/2008     in consultation with the national treasury employees\n                                          union, develop a detailed distribution plan.\n460\xe2\x80\x94management and          3/26/2010     promptly identify all iaas that have expired and have not\noversight of interagency                  been closed, and deobligate any funds that remain on the\nacquisition agreements                    expired agreements.\n(iaas) at the sec\n                                          take action to close the iaas identified for which the per\xc2\xad\n                                          formance period expired and deobligate the $6.9 million\n                                          in unused funds that remain on the iaas, in accordance\n                                          with the appropriate close-out procedures.\n474\xe2\x80\x94assessment of the      3/29/2010      develop a communication plan to address outreach to\nsec\xe2\x80\x99s bounty program                      both the public and sec personnel regarding the sec\n                                          bounty program, which includes efforts to make informa\xc2\xad\n                                          tion available on the sec\xe2\x80\x99s intranet, enhance informa\xc2\xad\n                                          tion available on the sec\xe2\x80\x99s public website, and provide\n                                          training to employees who are most likely to deal with\n                                          whistleblower cases.\n                                          examine ways in which the commission can increase\n                                          communications with whistleblowers by notifying them\n                                          of the status of their bounty requests without releasing\n                                          nonpublic or confidential information during the course of\n                                          an investigation or examination.\n                                          require that a bounty file (hard copy or electronic) be cre\xc2\xad\n                                          ated for each bounty application, which should contain at\n                                          a minimum the bounty application, any correspondence\n                                          with the whistleblower, documentation of how the whistle\xc2\xad\n                                          blower\xe2\x80\x99s information was utilized, and documentation\n                                          regarding significant decisions made with regard to the\n                                          whistleblower\xe2\x80\x99s complaint.\n                                          incorporate best practices from the department of Justice\n                                          (doJ) and the internal revenue service (irs) into the\n                                          sec bounty program with respect to bounty applica\xc2\xad\n                                          tions, analysis of whistleblower information, tracking of\n                                          whistleblower complaints, recordkeeping practices, and\n                                          continual assessment of the whistleblower program.\n                                          set a timeframe to finalize new policies and procedures\n                                          for the sec bounty program that incorporate the best\n                                          practices from doJ and irs, as well as any legislative\n                                          changes to the program.\n\n\n\n\n50   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cTable 3. Reports with Recommendations, continued\nrecommendations open 180 days or more\n\n      report number            issue date                  summary of recommendations\n         and title\n480\xe2\x80\x94review of the sec\xe2\x80\x99s       9/27/2010     update form 13f to a more structured format, such as\nsection 13(f) reporting                     extensible markup language (xml), to make it easier\nrequirements                                for users and researchers to extract and analyze section\n                                            13(f) data.\n481\xe2\x80\x94the sec\xe2\x80\x99s implemen\xc2\xad       3/31/2011     develop policies and procedures for determining the\ntation of and compliance                    eligibility of contractors requiring temporary access to the\nwith homeland security                      sec\xe2\x80\x99s facilities and information systems.\npresidential directive 12\n(hspd-12)\n                                            promptly deploy appropriate technology (e.g., laptops\n                                            with internal card readers, keyboards with card readers,\n                                            or external card readers) to employees and contractors\n                                            who do not have card readers.\n482\xe2\x80\x94oversight of and          6/29/2011     develop processes, including written policies and\ncompliance with conditions                  procedures, regarding reviewing for compliance with\nand representations related                 conditions and representations in exemptive orders and\nto exemptive orders and                     no-action letters issued to regulated entities on a risk basis.\nno-action letters\n                                            develop and implement processes to consolidate, track,\n                                            and analyze information regarding exemptive orders and\n                                            no-action letters issued to regulated entities, and document\n                                            these processes in written policies and procedures.\n                                            in plans for implementing section 965 of the dodd-frank\n                                            wall street reform and consumer protection act, develop\n                                            procedures to coordinate examinations with those\n                                            conducted by the office of compliance inspections and\n                                            examinations and, as appropriate, include provisions for\n                                            reviewing for compliance with the conditions in exemptive\n                                            orders and representations made in no-action letters on a\n                                            risk basis.\n                                            in connection with monitoring efforts, include compliance\n                                            with the conditions and representations in significant\n                                            exemptive orders and/or no-action letters issued to regu\xc2\xad\n                                            lated entities as risk considerations.\n                                            in connection with compliance efforts, include compli\xc2\xad\n                                            ance with the conditions and representations in significant\n                                            exemptive orders and/or no-action letters issued to regu\xc2\xad\n                                            lated entities as risk considerations.\n\n\n\n\n                                                    OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                     |   51\n\x0cTable 3. Reports with Recommendations, continued\nrecommendations open 180 days or more\n\n       report number         issue date                 summary of recommendations\n          and title\n485\xe2\x80\x94assessment of the       9/29/2010     evaluate risk assessment processes for scoring risk to ensure\nsec\xe2\x80\x99s privacy program                     that the office of information technology adequately weighs\n                                          all appropriate factors, including the identification of risk\n                                          levels by vendors.\n                                          implement an agency-wide policy regarding shared folder\n                                          structure and access rights, ensuring that only the employ\xc2\xad\n                                          ees involved with a particular case have access to that\n                                          data. if an employee backs up additional information to\n                                          the shared resources, only the employee and his or her\n                                          supervisor should have access.\n                                          ensure personal storage tab (pst) files are saved to a\n                                          protected folder.\n                                          provide commission staff training on handling, disposal,\n                                          and storage of portable media storage devices.\n489\xe2\x80\x942010 annual fisma       3/3/2011      complete a logical access integration of the hspd-12 card\nexecutive summary report                  no later than december 2011, as reported to the office of\n                                          management and budget on december 31, 2010.\n491\xe2\x80\x94review of alternative   9/28/2011     take necessary actions to ensure that employees do not\nwork arrangements,                        work unauthorized alternative work schedules, including\novertime compensation,                    required revisions to the collective bargaining agreement\nand coop-related                          and steps to ensure that all commission managers and\nactivities at the sec                     staff are fully informed about which alternative schedules\n                                          are authorized.\n                                          provide comprehensive training to all employees and man\xc2\xad\n                                          agers on all available alternative work schedule programs.\n                                          this training should be provided to all new employees\n                                          during employee orientation and to all employees and\n                                          managers whenever significant changes to policy occur,\n                                          such as upon completion of the human capital directive\n                                          or adoption of a new collective bargaining agreement.\n                                          make up-to-date information on alternative work sched\xc2\xad\n                                          ules and policy available to all employees on the sec\n                                          intranet site and periodically notify employees of its avail\xc2\xad\n                                          ability and location.\n                                          in developing the new human capital directive, work\n                                          with the national treasury employees union to determine\n                                          whether additional alternative work schedules, such as the\n                                          gliding, variable day, variable week, three-day workweek,\n                                          and maxiflex options described in the office of personnel\n                                          management handbook on alternative work schedules,\n                                          should be adopted as options for sec employees.\n\n\n\n52   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cTable 3. Reports with Recommendations, continued\nrecommendations open 180 days or more\n\n      report number          issue date                 summary of recommendations\n         and title\n                                          include in the new human capital directive clear, up-to\xc2\xad\n                                          date information on the laws, policies, guidelines, and\n                                          procedures related to credit hours, compensatory time off,\n                                          payment for overtime worked, and voluntary and uncom\xc2\xad\n                                          pensated services.\n                                          negotiate revisions to the language in the collective\n                                          bargaining agreement between the commission and the\n                                          national treasury employees union with respect to the\n                                          use of credit hours by employees working conforming\n                                          schedules, ensuring that the revised language conforms\n                                          with applicable law.\n                                          institute appropriate controls to ensure that senior officers\n                                          do not receive compensatory time off.\n                                          consult with the office of the general counsel and the\n                                          office of personnel management to determine whether\n                                          the sec should adopt an official policy that addresses\n                                          whether senior officers are permitted to earn credit hours.\n                                          provide comprehensive telework training sessions to sec\n                                          employees that address, among other things, telework\n                                          tools; policies and procedures for discontinuing telework;\n                                          what happens when an employee is promoted, reas\xc2\xad\n                                          signed, or detailed; duty station policy; employee avail\xc2\xad\n                                          ability during telework; employee personal computer\n                                          usage; mandatory telework-related forms; office supplies\n                                          and equipment; and protection of government records.\n                                          provide comprehensive telework training sessions to sec\n                                          managers that address, among other things, telework tools,\n                                          policies and procedures related to managers\xe2\x80\x99 approval\n                                          and denial of employee telework, managers\xe2\x80\x99 right to direct\n                                          employees to report to work on their telework day, and\n                                          managers\xe2\x80\x99 ability to suspend or terminate telework.\n                                          require training and recertification for current teleworkers\n                                          and managers of teleworkers at least every two years.\n                                          develop goals and objectives for accomplishing the work\n                                          listed in the telework program work plan for fiscal year\n                                          2011 and for increasing telework participation by sec\n                                          employees.\n                                          establish a process to monitor progress in meeting the com\xc2\xad\n                                          mission\xe2\x80\x99s telework-related goals and objectives. if the goals\n                                          and objectives are not being met, take action to identify and\n                                          eliminate barriers to meet the goals and objectives.\n\n\n\n                                                  OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                     |    53\n\x0cTable 3. Reports with Recommendations, continued\nrecommendations open 180 days or more\n\n         report number                    issue date                         summary of recommendations\n            and title\n                                                            require all mission-essential personnel to enter into telework\n                                                            agreements that specifically allow them to conduct their con\xc2\xad\n                                                            tinuity of operations responsibilities and the mission-essential\n                                                            functions they will perform during emergencies or agency\n                                                            closures.\n                                                            require mission-essential personnel who have telework\n                                                            agreements to telework periodically to practice their\n                                                            assigned mission-essential and primary mission-essential\n                                                            functions.\n                                                            update the continuity communications section of the sec\xe2\x80\x99s\n                                                            continuity of operations plans and expand it to expressly\n                                                            address conducting essential functions by telework con\xc2\xad\n                                                            sistent with governing federal emergency management\n                                                            agency and office of personnel management directives,\n                                                            and the sec collective bargaining agreement. it should\n                                                            include subsections addressing telework capability, training\n                                                            staff to telework effectively, and exercising agency telework\n                                                            competence as detailed in the commission\xe2\x80\x99s pandemic\n                                                            influenza preparedness plan.\n                                                            instruct regional office directors to revise their regional office\n                                                            continuity of operations plans to address all the essential ele\xc2\xad\n                                                            ments of viable continuity capability specified by the federal\n                                                            emergency management agency, and establish timelines\n                                                            and submission criteria for the revised plans.\n                                                            instruct the directors of the appropriate regional offices to\n                                                            include in their continuity of operations plans strategies for\n                                                            supporting headquarters essential functions during devolu\xc2\xad\n                                                            tion of control.\n                                                            perform server stress tests that incorporate a variety of appli\xc2\xad\n                                                            cations used with remote access.\n 492\xe2\x80\x94audit of sec\xe2\x80\x99s                      8/2/2011           at least annually provide information to sec supervisors\n employee recognition                                       on relevant parts of the sec award program, including (1)\n program and recruitment,                                   types of awards available and procedures for nominating\n relocation, and retention                                  employees for awards, (2) appropriate types of division-and\n incentives                                                 office-level awards for peer recognition, and (3) successful\n                                                            award practices.*\n\n* this recommendation had not been closed by the end of the semiannual reporting period, although management had submitted\ndocumentation of completed corrective action and, after the end of the reporting period, the oig determined that the recommendation\nshould be closed.\n\n\n\n\n54   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cTable 3. Reports with Recommendations, continued\nrecommendations open 180 days or more\n\n         report number                    issue date                         summary of recommendations\n            and title\n                                                            provide formal training on revised policies and procedures\n                                                            and issue information notices to supervisors and employees\n                                                            as needed to reflect changes in practices and policies.\n                                                            develop and implement a mechanism to reward employees\n                                                            for superior or meritorious performance within their job\n                                                            responsibilities through lump-sum performance awards.\n                                                            re-examine budgeted amounts for recruitment, relocation,\n                                                            and retention incentives to ensure that sufficient funds are\n                                                            available, and make supervisors aware of available fund\xc2\xad\n                                                            ing so they can effectively use incentives to recruit and retain\n                                                            needed talent.*\n                                                            consider ways that, as part of the employee recognition\n                                                            program, the office of human resources may be able to\n                                                            provide awards to employees for adopted suggestions\n                                                            submitted to the oig\xe2\x80\x99s suggestion program.*\n 493\xe2\x80\x94ocie regional                       3/30/201           continue efforts to establish a complete interface between\n offices\xe2\x80\x99 referrals to                                      the super tracking and review system or its equivalent, the\n enforcement                                                hub, and the tips, complaints, and referrals system.\n 495\xe2\x80\x94sec\xe2\x80\x99s oversight of the             3/30/2011           determine whether to request that congress modify the\n securities investor protection                             securities investor protection act (sipa) to allow bankruptcy\n corporation\xe2\x80\x99s (sipc) activities                            judges who preside over sipa liquidations to assess the\n                                                            reasonableness of administrative fees in all cases where\n                                                            administrative fees are paid by sipc.\n                                                            utilize more effective methods to communicate with inves\xc2\xad\n                                                            tors in case of the failure of broker-dealers, such as notifying\n                                                            investors of the status of the commission\xe2\x80\x99s efforts throughout\n                                                            the liquidation process or designating an employee, as\n                                                            appropriate, who can communicate directly with investors\n                                                            on matters unique to each liquidation case.\n 497\xe2\x80\x94assessment of                      8/11/2011           review the commission\xe2\x80\x99s microsoft active directory settings\n sec\xe2\x80\x99s continuous                                           and make the necessary changes to ensure that password\n monitoring program                                         policy requirements, as documented in the applicable imple\xc2\xad\n                                                            menting instruction, are strictly enforced for both on-site and\n                                                            remote users and that the documented password structure\n                                                            set forth in policy is strictly enforced.\n                                                            ensure that security controls configurations that are applied\n                                                            in the production environment are identical with those\n                                                            applied in the testing environment.\n\n* this recommendation had not been closed by the end of the semiannual reporting period, although management had submitted\ndocumentation of completed corrective action and, after the end of the reporting period, the oig determined that the recommendation\nshould be closed.\n\n\n\n\n                                                                      OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                           |      55\n\x0cTable 3. Reports with Recommendations, continued\nrecommendations open 180 days or more\n\n         report number                    issue date                         summary of recommendations\n            and title\n                                                            develop and implement written procedures to ensure con\xc2\xad\n                                                            sistency in the commission\xe2\x80\x99s production and testing environ\xc2\xad\n                                                            ments. these procedures should detail the software and\n                                                            hardware components in both environments and specify the\n                                                            actions required to maintain consistent environments.\n                                                            complete and finalize written server and storage log\n                                                            management policies and procedures that fully document\n                                                            the roles and responsibilities for log capture, management,\n                                                            retention and separation of duties\n                                                            analyze the level of criticality of the commission data and\n                                                            the needs and wants of its customers, and establish an\n                                                            appropriate backup retention period based on the results of\n                                                            the analysis and that meets the requirements of the commis\xc2\xad\n                                                            sion.\n                                                            ensure that tapes are handled appropriately.\n                                                            perform periodic audits of separated/terminated employees\n                                                            and contractors to ensure that all account termination notices\n                                                            were received and the appropriate accounts deactivated in\n                                                            a timely manner.\n pi-09-05\xe2\x80\x94sec access card               2/22/2010           ensure, on a commission-wide basis, that all regional\n readers in regional offices                                offices are capable of capturing and recording building\n                                                            entry and exit information of commission employees.\n pi-09-07\xe2\x80\x94employee                      3/10/2010           ensure the revised employee recognition program regula\xc2\xad\n recognition program and                                    tion and/or policy specifically addresses whether informal\n grants of employee awards                                  recognition awards are authorized and, if so, what criteria,\n                                                            standards, and approvals pertain.\n roi-491\xe2\x80\x94allegation of                  3/29/2010           make efforts to recapture a portion of additional award fees\n fraudulently obtained                                      a contractor obtained based on potentially inaccurate data.\n award fees\n roi-505\xe2\x80\x94failure to timely              2/26/2010           ensure as part of changes to complaint handling system that\n investigate allegations of                                 databases used to refer complaints are updated to accu\xc2\xad\n financial fraud                                            rately reflect status of investigations and identity of staff.\n                                                            ensure as part of changes to case-closing system that\n                                                            cases that are not actively being investigated are closed\n                                                            promptly.*\n\n* this recommendation had not been closed by the end of the semiannual reporting period, although management had submitted\ndocumentation of completed corrective action and, after the end of the reporting period, the oig determined that the recommendation\nshould be closed.\n\n\n\n\n56   |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cTable 3. Reports with Recommendations, continued\nrecommendations open 180 days or more\n\n         report number                    issue date                         summary of recommendations\n            and title\n                                                            ensure as part of changes to case-closing system that\n                                                            enforcement staff members have access to accurate informa\xc2\xad\n                                                            tion about the status of investigations and staff requests to\n                                                            close investigations.*\n                                                            ensure as part of changes to case-closing system that staff at\n                                                            all levels are appropriately trained in case-closing proce\xc2\xad\n                                                            dures.*\n roi-540\xe2\x80\x94investigation of               1/25/2011           rectify the on-line recusal database\xe2\x80\x99s inability to store certain\n possible violation of conflict                             information entered on the applicable form.*\n of interest restrictions\n                                                            seek modification from the u.s. office of government\n                                                            ethics of the blanket exemption for sK employees from the\n                                                            one-year cooling-off ban.\n                                                            designate an administrative contact to maintain a list of\n                                                            specific matters from which senior officers are recused.\n roi-544\xe2\x80\x94failure to                     1/20/2011           take immediate measures to determine whether every oit\n complete background inves\xc2\xad                                 employee and contractor has been properly cleared by a\n tigation clearance before                                  background investigation and issued an official sec badge.\n giving access to sec build\xc2\xad\n ings and computer systems\n                                                            issue a directive ending the practice of allowing contractors\n                                                            (or others) to begin work of any kind before being cleared\n                                                            in a proper background investigation and being issued an\n                                                            official sec badge.\n roi-551\xe2\x80\x94allegations of                 3/30/2011           employ technology that will enable the agency to maintain\n unauthorized disclosures of                                records of phone calls made from and received by sec\n non-public information                                     telephones.\n during sec investigations\n roi-560\xe2\x80\x94investigation of               9/16/2011           reconsider position that net equity for madoff customer\n conflict of interest arising                               claims be calculated in constant dollars by conducting a\n from former general                                        re-vote, and advise the bankruptcy court of its results.\n counsel\xe2\x80\x99s participation in\n madoff-related matters\n* this recommendation had not been closed by the end of the semiannual reporting period, although management had submitted\ndocumentation of completed corrective action and, after the end of the reporting period, the oig determined that the recommendation\nshould be closed.\n\n\n\n\n                                                                      OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                           |      57\n\x0cTable 4. Summary of Investigative Activity\n\n     cases                                                              number\n     cases open as of 9/30/2011                                          11\n     cases opened during 10/1/2011\xe2\x80\x933/31/2012                              6\n     cases closed during 10/1/2011\xe2\x80\x933/31/2012                              7\n     total open cases as of 3/31/2012                                    10\n     referrals to department of Justice for prosecution                   2\n     prosecutions                                                         1\n     convictions                                                          1\n     referrals to agency for disciplinary action/other action             7\n\n\n     preliminary inquiries                                              number\n     inquiries open as of 9/30/2011                                      74\n     inquiries opened during 10/1/2011\xe2\x80\x933/31/2012                         28\n     inquiries closed during 10/1/2011\xe2\x80\x933/31/2012                         44\n     total open inquiries as of 3/31/2012                                58\n     referrals to agency for disciplinary action                          2\n\n\n     disciplinary actions (including referrals made in prior periods)   number\n     removals (including resignations and retirements)                    3\n     demotions/suspensions                                                2\n     reprimands                                                           0\n     warnings/other actions                                              10\n\n\n\n\n58    |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cTable 5. Summary of Complaint Activity\n\n  complaints received during the period                                           number\n  complaints pending disposition at the beginning of period                         7\n  hotline complaints received                                                     133\n  other complaints received                                                       120\n  total complaints received                                                       253\n  complaints on which a decision was made                                         259\n  complaints awaiting disposition at end of period                                  1\n\n\n  dispositions of complaints during the period                                    number\n  complaints resulting in investigations                                            5\n  complaints resulting in inquiries                                                28\n  complaints referred to oig office of audits                                       3\n  complaints referred to other agency components                                  164\n  complaints referred to other agencies                                            10\n  complaints included in ongoing investigations or inquiries                       13\n  response sent/additional information requested                                   28\n  no action needed                                                                 10\n\n\n\n\n                                                        OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012   |   59\n\x0cTable 6. References to Reporting Requirements of the Inspector General Act\nthe inspector general act of 1978, as amended, specifies reporting requirements for semiannual reports to\ncongress. the requirements are listed below and indexed to the applicable pages.\n\n     section            inspector general act reporting requirement                               pages\n     section 4(a)(2)    review of legislation and regulations                                    45\xe2\x80\x9347\n     section 5(a)(1)    significant problems, abuses, and deficiencies                          14\xe2\x80\x9324;\n                                                                                                 30\xe2\x80\x9343\n     section 5(a)(2)    recommendations for corrective action                                   14\xe2\x80\x9324;\n                                                                                                 30\xe2\x80\x9343\n     section 5(a)(3)    prior recommendations for corrective action not yet completed            50\xe2\x80\x9357\n     section 5(a)(4)    matters referred to prosecutive authorities                                  59\n     section 5(a)(5)    summary of instances where information was unreasonably\n                        refused or not provided                                                      48\n\n     section 5(a)(6)    list of oig audit and evaluation reports issued during the period            49\n     section 5(a)(7)    summary of significant reports issued during the period                 14\xe2\x80\x9324;\n                                                                                                 30\xe2\x80\x9343\n     section 5(a)(8)    statistical table on management decisions with respect to\n                        questioned costs                                                             49\n\n     section 5(a)(9)    statistical table on management decisions on recommendations\n                        that funds be put to better use                                              49\n\n     section 5(a)(10)   summary of each audit, inspection or evaluation report over six\n                        months old for which no management decision has been made                    48\n\n     section 5(a)(11)   significant revised management decisions                                     48\n\n     section 5(a)(12)   significant management decisions with which the inspector\n                        general disagreed                                                            48\n\n     section 5(a)(14)   appendix of peer reviews conducted by another oig                            61\n\n\n\n\n60    |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0cappendix a. peer reviews of oig operations\n\n\n\nPEER REVIEW OF THE SEC OIG\xe2\x80\x99S                           PEER REVIEW OF THE SEC OIG\xe2\x80\x99S\nAUDIT OPERATIONS                                       INVESTIGATIVE OPERATIONS\nDuring the semiannual reporting period, the SEC        During the semiannual reporting period, the SEC\nOIG did not have an external peer review con\xc2\xad          OIG did not have an external peer review of its\nducted\tof\tits\taudit\toperations.\tPeer\treviews\tof\tOIG\t   investigative\toperations.\tPeer\treviews\tof\tDesignated\t\naudit operations are required to be conducted every    Federal Entity OIGs, such as the SEC OIG, are\nthree years. The most recent peer review of the SEC    conducted on a voluntary basis. The most recent\nOIG\xe2\x80\x99s\taudit\toperations\twas\tconducted\tby\tthe\tCor\xc2\xad       peer\treview\tof\tthe\tSEC\tOIG\xe2\x80\x99s\tinvestigative\topera\xc2\xad\nporation\tfor\tPublic\tBroadcasting\t(CPB)\tOIG.\tThe\t       tions was conducted by the U.S. Equal Employment\nCPB\tOIG\tissued\tits\treport\ton\tthe\tSEC\tOIG\xe2\x80\x99s\taudit\t      Opportunity Commission (EEOC) OIG. The EEOC\noperations in January 2010. This report concluded      OIG\tissued\tits\treport\ton\tthe\tSEC\tOIG\xe2\x80\x99s\tinvestigative\t\nthat\tthe\tSEC\tOIG\xe2\x80\x99s\tsystem\tof\tquality\tfor\tits\taudit\t    operations in July 2007. This report concluded that\nfunction was designed to meet the requirements         the\tSEC\tOIG\xe2\x80\x99s\tsystem\tof\tquality\tfor\tthe\tinvestigative\t\nof the quality control standards established by the    function conformed to the professional standards\nU.S. Comptroller General in all material respects.     established\tby\tthe\tPresident\xe2\x80\x99s\tCouncil\ton\tIntegrity\t\nThe\treport\tis\tavailable\ton\tthe\tSEC\tOIG\xe2\x80\x99s\twebsite\t      & Efficiency and the Executive Council on Integrity\nat http://www.sec-oig.gov/Reports/Other/CPB_Peer\xc2\xad      & Efficiency (now the Council of the Inspectors\nReviewSEC.pdf.                                         General on Integrity & Efficiency).\n\n\n\n\n                                                       OCTOBER 1, 2011\xe2\x80\x93MARCH 31, 2012                  |   61\n\x0coig contact information\n\n\n\nHelp ensure the integrity of SEC operations. Report to the OIG suspected fraud, waste or abuse in SEC\nprograms or operations as well as SEC staff or contractor misconduct. Contact the OIG by:\n\nphone                             Hotline          877.442.0854\n                                  Main Office      202.551.6061\n\nweb-based hotline                 www.sec-oig.gov/ooi/hotline.html\ncomplaint form\n\n\n\nfax                               202.772.9265\n\nmail                              Office of Inspector General\n                                  U.S. Securities and Exchange Commission\n                                  100 F Street, NE\n                                  Washington, DC 20549\n\nemail                             oig@sec.gov\n\n\n\nInformation received is held in confidence upon request. While the OIG encourages complaints to provide\ninformation on how they may be contacted for additional information, anonymous compaints are also\naccepted.\n\n\n\n\n62    |\t\tOIG\tSEMIANNUAL\tREPORT\tTO\tCONGRESS\n\x0c\x0c'